Submitted URL: https://etrip.xyz/
Effective URL: https://kaiber.xyz/buy?domain=etrip.xyz
Submission: On December 31 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 37 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is kaiber.xyz.
TLS certificate: Issued by WE1 on December 1st 2024. Valid for: 3 months.
This is the only time kaiber.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.162.184 16509 (AMAZON-02)
2 23 188.114.96.3 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
10 104.18.29.104 13335 (CLOUDFLAR...)
3 51.8.207.171 8075 (MICROSOFT...)
37 6
Apex Domain
Subdomains
Transfer
23 kaiber.xyz
kaiber.xyz
435 KB
10 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 21493
image.crisp.chat — Cisco Umbrella Rank: 67374
145 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
l.clarity.ms — Cisco Umbrella Rank: 11866
30 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
1 etrip.xyz
etrip.xyz
236 B
37 5
Domain Requested by
23 kaiber.xyz 2 redirects kaiber.xyz
static.cloudflareinsights.com
8 client.crisp.chat kaiber.xyz
client.crisp.chat
3 l.clarity.ms www.clarity.ms
2 image.crisp.chat
2 www.clarity.ms kaiber.xyz
www.clarity.ms
1 static.cloudflareinsights.com kaiber.xyz
1 etrip.xyz 1 redirects
37 7

This site contains links to these domains. Also see Links.

Domain
x.com
www.linkedin.com
t.me
Subject Issuer Validity Valid
kaiber.xyz
WE1
2024-12-01 -
2025-03-01
3 months crt.sh
cloudflareinsights.com
WE1
2024-12-30 -
2025-03-30
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
crisp.chat
E6
2024-11-27 -
2025-02-25
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 2 frames:

Primary Page: https://kaiber.xyz/buy?domain=etrip.xyz
Frame ID: 43C9A7B6E135B4B0A13DA307ADDBC6D4
Requests: 43 HTTP requests in this frame

Frame: https://kaiber.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: F18DD9C592835FFAF5C1D0ED9E1F3013
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

The domain eTrip.xyz is for sale / Kaiber

Page URL History Show full URLs

  1. https://etrip.xyz/ HTTP 301
    https://kaiber.xyz/inquire?domain=etrip.xyz HTTP 301
    https://kaiber.xyz/buy?domain=etrip.xyz Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

97 %
HTTPS

33 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

615 kB
Transfer

1607 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://etrip.xyz/ HTTP 301
    https://kaiber.xyz/inquire?domain=etrip.xyz HTTP 301
    https://kaiber.xyz/buy?domain=etrip.xyz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://kaiber.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://kaiber.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request buy
kaiber.xyz/
Redirect Chain
  • https://etrip.xyz/
  • https://kaiber.xyz/inquire?domain=etrip.xyz
  • https://kaiber.xyz/buy?domain=etrip.xyz
39 KB
11 KB
Document
General
Full URL
https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
a3c7a5eaa624a59987922d2d4a4ff1885be57771145c7b9b80d58021f86e7f66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fa92a434be91db1-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 31 Dec 2024 09:15:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pa1udUpXsDqXkdyqVOSMBTQVaiuC5%2F1N8dMF1VDUPycFSd0GQ9kxiKPGlx5Xp2q3rXjlRKEFZ1K4qz%2FhhkZT0kPtATPrss5AbwJsmn%2FvUm8PsUlZzoi53vijKYwH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=8287&min_rtt=8175&rtt_var=1361&sent=17&recv=13&lost=0&retrans=0&sent_bytes=5170&recv_bytes=4993&delivery_rate=110143&cwnd=12000&unsent_bytes=0&cid=a364a1224d472b95&ts=1382&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8fa92a432bd91db1-FRA
content-length
167
content-type
text/html
date
Tue, 31 Dec 2024 09:15:26 GMT
expires
Tue, 31 Dec 2024 10:15:26 GMT
location
https://kaiber.xyz/buy?domain=etrip.xyz
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36VtONxdEp3PBAjGZf4yIT%2F5L%2FIZ5kHWwRI3yGF5TqODswbW%2BP8EJOTa9IcEuxu5LsmU3jjy7HuBo8nUdcGhrdneAceDVF0tHvrrXydwfVttVWvmFlwQEq7uxf1j"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8285&min_rtt=8175&rtt_var=1810&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4222&recv_bytes=4507&delivery_rate=70574&cwnd=12000&unsent_bytes=0&cid=a364a1224d472b95&ts=23&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
config.css
kaiber.xyz/cdn/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://kaiber.xyz/cdn/css/config.css?58
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea55da1bfb149d871f45b8c7983081b2fa2b662f5711d5cbfbb83f09035c152

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
42360
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rb8y0X2VKtymEuhpedfJk25AKW8RiX48%2FQ4atbG4kj4jemrfUsqyL2bnfc2n6t1d5semsJJQDMhnReKisSy0nXjd%2BlNqUBLZrL5YH32tQbTBfUi16PvqOB4kqQtJ"}],"group":"cf-nel","max_age":604800}
expires
Tue, 30 Dec 2025 21:29:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7500&min_rtt=6589&rtt_var=1190&sent=28&recv=24&lost=0&retrans=0&sent_bytes=16634&recv_bytes=7212&delivery_rate=8432&cwnd=12000&unsent_bytes=0&cid=a364a1224d472b95&ts=1445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/css
last-modified
Fri, 27 Dec 2024 15:22:42 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c0aa71db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
libs.css
kaiber.xyz/cdn/css/
38 KB
10 KB
Stylesheet
General
Full URL
https://kaiber.xyz/cdn/css/libs.css?58
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7ca04639932d80122a3b3d552115c9877601c2368a08b09ca092ce53f00548

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
42360
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHaMeE4B0L2hbvHsqkWMKoz2r0gI4btAxX8oSn%2F7Bdub6uxCtGNIiLanpI3xWoUvPqLi9zJMFHUUpRGuAys7Whfw%2BNQZzhRiBqgBOKDfKp6G9P1mUsObjDrkkYii"}],"group":"cf-nel","max_age":604800}
expires
Tue, 30 Dec 2025 21:29:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7500&min_rtt=6589&rtt_var=1190&sent=32&recv=24&lost=0&retrans=0&sent_bytes=21093&recv_bytes=7212&delivery_rate=8432&cwnd=12000&unsent_bytes=0&cid=a364a1224d472b95&ts=1446&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/css
last-modified
Sat, 13 Jul 2024 05:32:33 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c0aa81db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
style.css
kaiber.xyz/cdn/css/
109 KB
20 KB
Stylesheet
General
Full URL
https://kaiber.xyz/cdn/css/style.css?58
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae46bc165a3b20944a07e5591a2d7593e4c98e9c3a792ff5ae7f4a5d515059b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
42360
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GneeX%2FWNs1Fxv%2Ff3BdR%2F328Ei%2Fx9I9wUIQztqBQ1o3GOt1a5G5Vn3hjypAwoSuIWCcJd2E95pHDjtAXBk8ecDBsBmtl4I%2FLKoYh%2BsRFCTOUbQLybkNzFNdUCfav9"}],"group":"cf-nel","max_age":604800}
expires
Tue, 30 Dec 2025 21:29:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7500&min_rtt=6589&rtt_var=1190&sent=39&recv=24&lost=0&retrans=0&sent_bytes=28634&recv_bytes=7212&delivery_rate=8432&cwnd=12000&unsent_bytes=0&cid=a364a1224d472b95&ts=1447&x=1", cfExtPri, cfHdrFlush;dur=6
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/css
last-modified
Mon, 30 Dec 2024 21:05:08 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c0aa91db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
responsive.css
kaiber.xyz/cdn/css/
36 KB
7 KB
Stylesheet
General
Full URL
https://kaiber.xyz/cdn/css/responsive.css?58
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dba6690f839b864c1994ffe7103c4cea2a98256c1fcbd413e77099077cd8653

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
42360
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4l0QXyA6Zj7qu%2FxVTGXYbc%2FOutTLjavNCXOWNLH%2F68edNS%2BVlnyUDjJVvQDCNRzk0xVZnncVmWipP8kmJhYysfbG%2BLk8oK0uSf0%2BOL9wVt2JfMq0QiOgpXXmfAj"}],"group":"cf-nel","max_age":604800}
expires
Tue, 30 Dec 2025 21:29:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7500&min_rtt=6589&rtt_var=1190&sent=39&recv=24&lost=0&retrans=0&sent_bytes=28634&recv_bytes=7212&delivery_rate=8432&cwnd=12000&unsent_bytes=0&cid=a364a1224d472b95&ts=1446&x=1", cfExtPri, cfHdrFlush;dur=7
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/css
last-modified
Fri, 20 Dec 2024 03:15:34 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c0aab1db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
logo.svg
kaiber.xyz/cdn/img/
4 KB
2 KB
Image
General
Full URL
https://kaiber.xyz/cdn/img/logo.svg?10
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e52bd8af04b59f414337c0c107655c74019a8555cec4f399c7d5716e6bcdcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
623926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmKaT3tFX7TTG0s0z1CTVikL2V13ugpnEssBKuuq4wSyJe09Lgzs0RIZGj7pHe79izb3SGUsLS8g5k3UxIjgm2jzyDD6df6C%2B2Dc9cPOf%2BIaqh4IqI%2FtAHNwMRsK"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 03:56:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7500&min_rtt=6589&rtt_var=1190&sent=39&recv=24&lost=0&retrans=0&sent_bytes=28634&recv_bytes=7212&delivery_rate=8432&cwnd=12000&unsent_bytes=0&cid=a364a1224d472b95&ts=1446&x=1", cfExtPri, cfHdrFlush;dur=8
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 16:45:05 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c0aac1db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
null.png
kaiber.xyz/cdn/img/
928 B
2 KB
Image
General
Full URL
https://kaiber.xyz/cdn/img/null.png
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51538658b491b30ad6b2dc13ebca3d8c520a8c7bfec1106da47512688d9a2f55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

cf-cache-status
HIT
age
971424
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOwTj6YDcO8ENeGW0bAzOR4F77ZBiRLEekicJf%2F9RoWy7SiuZ2rfBvkHBPc%2FT332H2UdbycD9LTTIlqxPRp74Z3%2Fd%2BVj4rSch3evzqwuhks6qDv4%2B6CekpODQaEp"}],"group":"cf-nel","max_age":604800}
expires
Sat, 20 Dec 2025 03:25:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7500&min_rtt=6589&rtt_var=1190&sent=39&recv=24&lost=0&retrans=0&sent_bytes=28634&recv_bytes=7212&delivery_rate=8432&cwnd=12000&unsent_bytes=0&cid=a364a1224d472b95&ts=1447&x=1", cfExtPri, cfHdrFlush;dur=7
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
image/png
last-modified
Sat, 06 Jul 2024 14:24:41 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c0aae1db1-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
928
x-turbo-charged-by
LiteSpeed
server
cloudflare
email-decode.min.js
kaiber.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://kaiber.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675fc4cd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDixCqIYUVCGPJJCj5zBTb2DypglDI7cVGWUA4NFJtHdO6Emr0CEKsKqwCpV8r09J1e1Sw3CfZHQZ5PBZblPwKQu5gBmdipMs6DJPe2sZ9HvsPvCrkt3aCp88lu4"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8fa92a4c4adf1db1-FRA
expires
Thu, 02 Jan 2025 09:15:28 GMT
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 06:12:29 GMT
server
cloudflare
vary
Accept-Encoding
jquery.min.js
kaiber.xyz/cdn/js/lib/
87 KB
33 KB
Script
General
Full URL
https://kaiber.xyz/cdn/js/lib/jquery.min.js?16
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
623926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FKR5la29x0ZsnEadnHJjlFkemMyxb9NN9KthbepIM6To3uQcrgKqP387M5uSZt8kIfxHLTkuW1t1MxrxhkLcm5g4J5XxUNqofjlThqFC%2FN2HzcQeBw8iG1Qfx%2BK"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 03:56:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7986&min_rtt=6589&rtt_var=728&sent=81&recv=51&lost=0&retrans=0&sent_bytes=65901&recv_bytes=9218&delivery_rate=596928&cwnd=30000&unsent_bytes=0&cid=a364a1224d472b95&ts=1493&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/javascript
last-modified
Sat, 13 Jul 2024 05:32:41 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c4ae01db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
libs.js
kaiber.xyz/cdn/js/lib/
234 KB
68 KB
Script
General
Full URL
https://kaiber.xyz/cdn/js/lib/libs.js?16
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8e83272a8457ab51d03380c474c9c32ebafcfefd7b3ee40b431bb56cab5331

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
623926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZltRCqgpAbBC5fiBZXZD5J2yn5qHSaE44E0yyNV2%2BXqDj5J6kppWawyufFNg4xeLX3Pvkun0oVz6KAlYEa0H0HP0Bp%2Bhc3cOh8R1M6S8sVaHKeP1%2BXauOYY1Ugx6"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 03:56:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8486&min_rtt=6383&rtt_var=1202&sent=116&recv=66&lost=0&retrans=0&sent_bytes=105509&recv_bytes=10148&delivery_rate=1876626&cwnd=55200&unsent_bytes=0&cid=a364a1224d472b95&ts=1513&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/javascript
last-modified
Sat, 13 Jul 2024 05:32:43 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c6af71db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
class.js
kaiber.xyz/cdn/js/
4 KB
2 KB
Script
General
Full URL
https://kaiber.xyz/cdn/js/class.js?16
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4ef41665c54ca257c91d4540493c7e044c48dfaca6db2ad7a385cf6ba857de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
623926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAy6ygLsQPkGEuD0jaabBnadmExiutdwEXKcEhXmjUxuXzb9BRU4gCVJDdhTtq%2FiEMD8hdnw%2FiNoG1SS2VEv671oQQWvyjAVc%2Fi8Gwc14gsDionGkgSFzRSc1pf%2B"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 03:56:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8552&min_rtt=6383&rtt_var=1542&sent=179&recv=79&lost=0&retrans=0&sent_bytes=176430&recv_bytes=11772&delivery_rate=8829147&cwnd=70800&unsent_bytes=0&cid=a364a1224d472b95&ts=1539&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/javascript
last-modified
Tue, 24 Dec 2024 03:27:42 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c9b371db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
st-core.js
kaiber.xyz/cdn/js/
44 KB
9 KB
Script
General
Full URL
https://kaiber.xyz/cdn/js/st-core.js?16
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab4eea364844deddc74d78cb68f57e466390bf5457547d7f9da62e657ce5d4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
623926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23hHa2k0u1nOTV10nuQZ4gEu7qhrauA56clrMqBqktf36N04GAwtvWy4NsaLbCL2ixd9F40AiMaw83SHpVljNo2aBDJlboBLAyuMLnaCrVVcZfAaPnb8u0hTT%2Bxs"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 03:56:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8301&min_rtt=6383&rtt_var=1658&sent=200&recv=80&lost=0&retrans=0&sent_bytes=198724&recv_bytes=11817&delivery_rate=190975&cwnd=70800&unsent_bytes=0&cid=a364a1224d472b95&ts=1551&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/javascript
last-modified
Fri, 26 Jul 2024 17:46:47 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4cab581db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
classes.js
kaiber.xyz/cdn/js/
32 KB
7 KB
Script
General
Full URL
https://kaiber.xyz/cdn/js/classes.js?16
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603c8a444b9955009310a481679ce4e4181282eb0267bf5903e3cc026aebe6a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
623926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3gtgSTPfrz76Q1J7rvOKD7NFM8oW%2B1HZrfxGPAZAetniUi%2FQ3h2BvTUbT2A8jYhTJfkbbQjdVKJKIYfapk0gORiMzx2lqTwBRMyLEOViKi%2BIg3X%2F63NPer%2Btpi6"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 03:56:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8552&min_rtt=6383&rtt_var=1542&sent=181&recv=79&lost=0&retrans=0&sent_bytes=178498&recv_bytes=11772&delivery_rate=8829147&cwnd=70800&unsent_bytes=0&cid=a364a1224d472b95&ts=1548&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/javascript
last-modified
Fri, 26 Jul 2024 17:46:47 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4cab5b1db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
main.js
kaiber.xyz/cdn/js/
61 KB
12 KB
Script
General
Full URL
https://kaiber.xyz/cdn/js/main.js?16
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3710e2c96b1c85abcee1f1b0cfd5f9493987db84654ad344abb11882a9ae4b2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
623926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PiMeCZ%2B1Odpss6qoWhsQDqyVLi%2FA0s1RaX6XTx265GG1wC%2FL7%2FQPYstSrLlhJns2q6yqYkvKgO5HFv02%2FzKl%2FsxpYAYbAf02h3LrpvaE7nv3NHVdxuYVv7O50qsU"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 03:56:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8301&min_rtt=6383&rtt_var=1658&sent=188&recv=80&lost=0&retrans=0&sent_bytes=186035&recv_bytes=11817&delivery_rate=190975&cwnd=70800&unsent_bytes=0&cid=a364a1224d472b95&ts=1549&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/javascript
last-modified
Wed, 23 Oct 2024 23:08:28 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4cab5c1db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://kaiber.xyz
Referer
https://kaiber.xyz/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8fa92a4cc977bbdf-FRA
access-control-allow-origin
*
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
stg.css
kaiber.xyz/cdn/css/
41 KB
5 KB
Stylesheet
General
Full URL
https://kaiber.xyz/cdn/css/stg.css
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/cdn/css/style.css?58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de0630c00e40e178d72749e60197f46f1d4354ee00e0b667d1b8343a5feb2d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/cdn/css/style.css?58

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
991528
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6o2%2Fhwncp5I8L7dLCwhLP9J11zYAgIk58jr97yN5zrHGaNV91RXqPvq%2Fvl3SrOmaHqmGjnshpCVefjwai3v%2Bipqzsjq696YedJXVtiWtQLSV2FWDcLwcY%2Fd9CsG"}],"group":"cf-nel","max_age":604800}
expires
Fri, 19 Dec 2025 21:50:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8156&min_rtt=6383&rtt_var=725&sent=111&recv=65&lost=0&retrans=0&sent_bytes=100260&recv_bytes=10103&delivery_rate=1809320&cwnd=55200&unsent_bytes=0&cid=a364a1224d472b95&ts=1506&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/css
last-modified
Fri, 26 Jul 2024 17:46:47 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4c5ae91db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
mtkwf4bti4
www.clarity.ms/tag/
571 B
826 B
Script
General
Full URL
https://www.clarity.ms/tag/mtkwf4bti4
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
41663b5d943937b5f1c58ccc8e1ade1f53a658ed950aa2f5ad05cc97c1013d1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
571
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/x-javascript
x-azure-ref
20241231T091528Z-15464c697c5vg97hhC1FRA7ccg00000001gg000000009sm4
l.js
client.crisp.chat/
9 KB
4 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cde2081451e2cbed947ccc4aebcd294d7a96224084e26a167fabb67fd0d55917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"64e73b34-2428"
age
77427
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Wed, 01 Jan 2025 09:15:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/javascript
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8fa92a4ccc6ed37a-FRA
access-control-allow-origin
*
server
cloudflare
truncated
/
145 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb1eb810b0fa5ad3d6ff9d0e8b2c7fe1d50249d0c22a47b7d5b195534a649666

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://kaiber.xyz
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
128 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3517b585c915130d33e286dc080e5190eefedb727a2fbd5ce65d065d1436760a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://kaiber.xyz
Referer

Response headers

Content-Type
image/svg+xml
ABCGintoNormalVariable-Trial-BF651b7b78b41dd.woff
kaiber.xyz/cdn/font/
219 KB
220 KB
Font
General
Full URL
https://kaiber.xyz/cdn/font/ABCGintoNormalVariable-Trial-BF651b7b78b41dd.woff
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/cdn/css/config.css?58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60aaabdf15ad8f5859878076d622aabfec7b2c7bbcf4398a90725c65e5c4aa71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://kaiber.xyz
Referer
https://kaiber.xyz/cdn/css/config.css?58

Response headers

cf-cache-status
HIT
age
462649
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NYMsDiuziImeAja1saeCFQqIU%2F%2BeIWguc27vWNuyWHRlpOtwZfzGa7dnrKM45tGiFZKoPN%2Fq7ReH7FnMX8JcM7%2F8Is2dKU2a%2BfLtarjAJWVDWfMqfzDgZZQuG9F"}],"group":"cf-nel","max_age":604800}
expires
Fri, 26 Dec 2025 00:44:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8021&min_rtt=6383&rtt_var=1110&sent=210&recv=84&lost=0&retrans=0&sent_bytes=208651&recv_bytes=12299&delivery_rate=2804021&cwnd=70800&unsent_bytes=0&cid=a364a1224d472b95&ts=1582&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
font/woff
last-modified
Sun, 13 Oct 2024 23:55:41 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a4cdb801db1-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
224640
x-turbo-charged-by
LiteSpeed
server
cloudflare
client.js
client.crisp.chat/static/javascripts/
375 KB
98 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?7cadd01
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada5faeab0ddad466623705895d4a8eb5432921c44c95534962f5a9db861da3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"64e73b34-5dd52"
age
77427
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Fri, 29 Dec 2034 09:15:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/javascript
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8fa92a4d0cd5d37a-FRA
access-control-allow-origin
*
server
cloudflare
client_default.css
client.crisp.chat/static/stylesheets/
113 KB
14 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?7cadd01
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed47babcdfca4f506a15afce02631af2cc3e9335558090ea9d5328bd5d5bc7af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"676e92ea-1c58d"
age
77427
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Fri, 29 Dec 2034 09:15:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/css
last-modified
Fri, 27 Dec 2024 11:43:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8fa92a4d0cdad37a-FRA
access-control-allow-origin
*
server
cloudflare
main.js
kaiber.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame F18D
Redirect Chain
  • https://kaiber.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://kaiber.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
8 KB
5 KB
Script
General
Full URL
https://kaiber.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/buy?domain=etrip.xyz
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcc14f0214c56f8ce0d59ee42f09ab3d68d64c68f2ba25665f54f4fdd37e241
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AupbTvs%2Fq7E8Ej2VVjq5yQCg6dIDLZ3Lk%2FNdqgbAyNtQwonUu23NnVxgC9%2BBEaN3c3anQwFFAxxEFA2N9gGvZ9i%2FWvIziQlP88H%2F0Cmf4g71i544hqCb21KemRTP"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8fa92a4d2bb81db1-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7854&min_rtt=6383&rtt_var=1053&sent=406&recv=107&lost=0&retrans=0&sent_bytes=440002&recv_bytes=13793&delivery_rate=4309754&cwnd=153600&unsent_bytes=0&cid=a364a1224d472b95&ts=1625&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uIzXPgaKJulZ2Z8puVGiYCmbB%2FQGWWrDV2z4FZc39UFoPTwsfC2wyem8c1JjTYql8XKY6%2B1j7ibw3Fb4W8JFrSIj1IaoyFo%2FuSKoQg8U%2Bcelcub1o7i2p4oPOdXJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8fa92a4d0ba31db1-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=7862&min_rtt=6383&rtt_var=985&sent=404&recv=101&lost=0&retrans=0&sent_bytes=439258&recv_bytes=13287&delivery_rate=3994394&cwnd=153600&unsent_bytes=0&cid=a364a1224d472b95&ts=1602&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
truncated
/
97 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f73b75df68ac491ab6b3f792fbde19d5811f81fb5c918436e27621764f1aaacb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
165 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
208851c1877c8af078a4d14da121513446d5bf8e72e46f9671c71ebca2c95ad7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://kaiber.xyz
Referer

Response headers

Content-Type
image/svg+xml
8fa92a434be91db1
kaiber.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F18D
0
1 KB
XHR
General
Full URL
https://kaiber.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8fa92a434be91db1
Requested by
Host: kaiber.xyz
URL: https://kaiber.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzmBkYKIPKyHogXp7trr%2FjDvvmnVJ7pR%2BVs1N7d2Kssoq1HjHYJM9KSV0pHeqGCqa6pddDregAvRkoOgUY9rCVkIYvMIVZILWWzcmT0W6N0iq9EanMTQK2%2FyBahK"}],"group":"cf-nel","max_age":604800}
cf-ray
8fa92a4fdd731db1-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7696&min_rtt=6383&rtt_var=1105&sent=419&recv=123&lost=0&retrans=0&sent_bytes=445184&recv_bytes=31028&delivery_rate=341603&cwnd=153600&unsent_bytes=0&cid=a364a1224d472b95&ts=2062&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
/
client.crisp.chat/settings/website/c4a1fa39-1eeb-4d48-82d7-2f79ff8e3909/prelude/
222 B
545 B
Script
General
Full URL
https://client.crisp.chat/settings/website/c4a1fa39-1eeb-4d48-82d7-2f79ff8e3909/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2024-11-31-10-15
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bc0b6e2cbd63bab8e0984d591331cb7d9cdea94eef86c2afedc6317ff12109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
MISS
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 13:15:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
last-modified
Tue, 31 Dec 2024 09:15:28 GMT
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8fa92a4ff9b5d37a-FRA
access-control-allow-origin
*
server
cloudflare
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mtkwf4bti4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

x-azure-ref
20241231T091528Z-15464c697c5vg97hhC1FRA7ccg00000001gg000000009sp9
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD267192E6C672"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
56ecafaa-801e-0015-59e5-5a3968000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Fri, 27 Dec 2024 12:25:39 GMT
rum
kaiber.xyz/cdn-cgi/
0
138 B
XHR
General
Full URL
https://kaiber.xyz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8fa92a50bdec1db1-FRA
access-control-allow-origin
https://kaiber.xyz
date
Tue, 31 Dec 2024 09:15:28 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.svg
kaiber.xyz/cdn/img/favicon/
2 KB
2 KB
Other
General
Full URL
https://kaiber.xyz/cdn/img/favicon/favicon.svg?10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a11109e4c91050962a825fc1c228f8f93a59eb4b7ccea85a43eded7f3ca2a77

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
623925
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7NyIUC3KfKtkppTuVZ%2Fc7ZS%2ByzCtvOhaD%2FuR7bvYsuIzrv3fRVus%2Bkkmq32EbzjXjdU3%2FuGKaNMlkRCbMjzfYj83VdMqAUTAqoBs1IsKKOTmt%2BAFiFvGLzYZC4D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 03:56:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7565&min_rtt=6383&rtt_var=1090&sent=424&recv=128&lost=0&retrans=0&sent_bytes=446597&recv_bytes=34429&delivery_rate=51733&cwnd=153600&unsent_bytes=0&cid=a364a1224d472b95&ts=2198&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Dec 2024 03:02:08 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a50bdf21db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
favicon.ico
kaiber.xyz/
11 KB
11 KB
Other
General
Full URL
https://kaiber.xyz/favicon.ico?10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2cb7e964d085b8a8a746f18925e8e9dff77329f004f01d935230f141d329be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/buy?domain=etrip.xyz

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
593471
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gv7rZuU%2FvMRc%2BGQ715QGY6i1dLxHYtRU3sb%2BjXmOt%2FGJYbje7EV0lcWQ3%2Fjv2HDxRFDpLzVqZR25W%2BMcoBlVzDKSdSvucReczMkSmo3b1HucyIdKRfHDaDk1Hexz"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Dec 2025 12:24:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7424&min_rtt=6383&rtt_var=852&sent=427&recv=131&lost=0&retrans=0&sent_bytes=448350&recv_bytes=35246&delivery_rate=97613&cwnd=153600&unsent_bytes=0&cid=a364a1224d472b95&ts=2230&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
image/x-icon
last-modified
Tue, 24 Dec 2024 03:15:58 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fa92a50ee131db1-FRA
access-control-allow-origin
*
x-turbo-charged-by
LiteSpeed
server
cloudflare
collect
l.clarity.ms/
0
274 B
XHR
General
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://kaiber.xyz/

Response headers

Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
Access-Control-Allow-Origin
https://kaiber.xyz
Date
Tue, 31 Dec 2024 09:15:29 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
client.crisp.chat/settings/website/c4a1fa39-1eeb-4d48-82d7-2f79ff8e3909/
1 KB
1 KB
Script
General
Full URL
https://client.crisp.chat/settings/website/c4a1fa39-1eeb-4d48-82d7-2f79ff8e3909/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1735321353400
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c55c7059e808ad6918ef2ab84f111aef43358687ef45873f668c61240905b798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
EXPIRED
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 13:15:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
last-modified
Tue, 31 Dec 2024 09:15:28 GMT
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8fa92a518c56d37a-FRA
access-control-allow-origin
*
server
cloudflare
en.js
client.crisp.chat/static/javascripts/locales/
10 KB
4 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?7cadd01
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?7cadd01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444b58f8f0cf2c56c53fada3c5e27a87b713a0855c8b84d93caa2316604b3c07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"66759605-26a4"
age
77424
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Fri, 29 Dec 2034 09:15:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:28 GMT
content-type
application/javascript
last-modified
Fri, 21 Jun 2024 15:02:29 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8fa92a520d48d37a-FRA
access-control-allow-origin
*
server
cloudflare
truncated
/
881 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
collect
l.clarity.ms/
0
274 B
XHR
General
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://kaiber.xyz/

Response headers

Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
Access-Control-Allow-Origin
https://kaiber.xyz
Date
Tue, 31 Dec 2024 09:15:30 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
truncated
/
508 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcd9225b9818c4ab0636f4a8808f056873283f6b4e3fed7b4b0b9a3589cdec83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
308 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
/
image.crisp.chat/process/thumbnail/
2 KB
2 KB
Image
General
Full URL
https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2F7639574c1ee1a000%2Fkaiber-xyz_uk3uoq.png&width=60&height=60&1735321353400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6299589298952c14eff14bf50945e68caee0336bd55a2d1f97a9a4bbe991acd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

cf-cache-status
HIT
etag
W/"674-194170513a0"
age
83535
x-content-type-options
nosniff
expires
Fri, 29 Dec 2034 09:15:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:31 GMT
content-type
image/webp
last-modified
Mon, 30 Dec 2024 10:03:16 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
cf-ray
8fa92a5f1b15d37a-FRA
accept-ranges
bytes
content-length
1652
server
cloudflare
/
image.crisp.chat/avatar/website/c4a1fa39-1eeb-4d48-82d7-2f79ff8e3909/60/
738 B
1 KB
Image
General
Full URL
https://image.crisp.chat/avatar/website/c4a1fa39-1eeb-4d48-82d7-2f79ff8e3909/60/?1735321353400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ba98de0ebf0af887698310d46cc4a41c4436085572f943760f0f20d4683d24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kaiber.xyz/

Response headers

cf-cache-status
HIT
etag
W/"2e2-193fb15957d"
age
79026
x-content-type-options
nosniff
expires
Fri, 29 Dec 2034 09:15:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:31 GMT
content-type
image/webp
last-modified
Tue, 24 Dec 2024 23:51:56 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
cf-ray
8fa92a5f1b13d37a-FRA
accept-ranges
bytes
content-length
738
server
cloudflare
truncated
/
764 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://kaiber.xyz
Referer

Response headers

Content-Type
image/svg+xml
noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/
10 KB
10 KB
Font
General
Full URL
https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?7cadd01
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?7cadd01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://kaiber.xyz
Referer
https://client.crisp.chat/static/stylesheets/client_default.css?7cadd01

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"64d22e8c-280c"
age
83535
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Fri, 29 Dec 2034 09:15:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:31 GMT
content-type
application/font-woff2
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8fa92a5f1d699f58-FRA
access-control-allow-origin
*
server
cloudflare
noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/
10 KB
11 KB
Font
General
Full URL
https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?7cadd01
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?7cadd01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://kaiber.xyz
Referer
https://client.crisp.chat/static/stylesheets/client_default.css?7cadd01

Response headers

access-control-max-age
300
content-encoding
br
cf-cache-status
HIT
etag
W/"64d22e8c-2864"
age
83535
access-control-allow-methods
HEAD, GET, OPTIONS
x-content-type-options
nosniff
expires
Fri, 29 Dec 2034 09:15:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 31 Dec 2024 09:15:31 GMT
content-type
application/font-woff2
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
Content-Type, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=315360000
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
false
cf-ray
8fa92a5f1d6b9f58-FRA
access-control-allow-origin
*
server
cloudflare
collect
l.clarity.ms/
0
274 B
XHR
General
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://kaiber.xyz/

Response headers

Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
Access-Control-Allow-Origin
https://kaiber.xyz
Date
Tue, 31 Dec 2024 09:15:32 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| clarity object| $crisp string| CRISP_WEBSITE_ID object| d object| s function| $ function| jQuery function| Swiper function| SplitType function| PhotoSwipeUI_Default function| PhotoSwipe function| kaiber_Share_Form boolean| $__CRISP_INCLUDED object| __cfBeacon object| $__CRISP_INSTANCE

2 Cookies

Domain/Path Name / Value
.kaiber.xyz/ Name: cf_clearance
Value: O5Z4c2tNMMvBfF9Sdl7V4NFbMy7uMHK2ktny3gM2qCE-1735636528-1.2.1.1-39cblTlC7PR79q5r_vYS7L.8Sj37FWGTTjgyzRYZLOiUPlHc.HZoI8iZawqPxaXSBCE_GYmO.uqOItd1b5AGU0hbDkr9C3YOqQcpn2iu.RTLRgiPts1RsZyg73GNeXXg6aKqUaKDPUnqXXhhuC1wLTTEJs1vC.CaVixr8gCaaRlN2VEbwznwOuOnJqHqb4xOljSwSFBpVes9JA32OPS44EyqCzeOKjewhH9CASMcyGnGcLz3bvhfzlfhRhnBz2k6sP8.oIjGU6axr6kX4hTmju2gtJ14H2CBB0VYLB5tomVTvnhl1GBwwzQsmAntBkEJ_ie7AhII500XqNr0VYz3pkigdQWklXeMMf7Hz_l1ifJuLwCLVmf9rY3J1DDpwEG_
.kaiber.xyz/ Name: crisp-client%2Fsession%2Fc4a1fa39-1eeb-4d48-82d7-2f79ff8e3909
Value: session_21121dbd-625a-4c81-9ee0-0e252faf44ee

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.crisp.chat
etrip.xyz
image.crisp.chat
kaiber.xyz
l.clarity.ms
static.cloudflareinsights.com
www.clarity.ms
104.18.29.104
15.197.162.184
188.114.96.3
2606:4700::6810:4f49
2620:1ec:bdf::45
51.8.207.171
0fcc14f0214c56f8ce0d59ee42f09ab3d68d64c68f2ba25665f54f4fdd37e241
1de0630c00e40e178d72749e60197f46f1d4354ee00e0b667d1b8343a5feb2d3
1e4ef41665c54ca257c91d4540493c7e044c48dfaca6db2ad7a385cf6ba857de
208851c1877c8af078a4d14da121513446d5bf8e72e46f9671c71ebca2c95ad7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29bc0b6e2cbd63bab8e0984d591331cb7d9cdea94eef86c2afedc6317ff12109
3517b585c915130d33e286dc080e5190eefedb727a2fbd5ce65d065d1436760a
3710e2c96b1c85abcee1f1b0cfd5f9493987db84654ad344abb11882a9ae4b2c
3ab4eea364844deddc74d78cb68f57e466390bf5457547d7f9da62e657ce5d4e
41663b5d943937b5f1c58ccc8e1ade1f53a658ed950aa2f5ad05cc97c1013d1b
41ba98de0ebf0af887698310d46cc4a41c4436085572f943760f0f20d4683d24
444b58f8f0cf2c56c53fada3c5e27a87b713a0855c8b84d93caa2316604b3c07
51538658b491b30ad6b2dc13ebca3d8c520a8c7bfec1106da47512688d9a2f55
5a11109e4c91050962a825fc1c228f8f93a59eb4b7ccea85a43eded7f3ca2a77
603c8a444b9955009310a481679ce4e4181282eb0267bf5903e3cc026aebe6a8
60aaabdf15ad8f5859878076d622aabfec7b2c7bbcf4398a90725c65e5c4aa71
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d
6299589298952c14eff14bf50945e68caee0336bd55a2d1f97a9a4bbe991acd2
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
6dba6690f839b864c1994ffe7103c4cea2a98256c1fcbd413e77099077cd8653
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
7b8e83272a8457ab51d03380c474c9c32ebafcfefd7b3ee40b431bb56cab5331
7c2cb7e964d085b8a8a746f18925e8e9dff77329f004f01d935230f141d329be
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9ea55da1bfb149d871f45b8c7983081b2fa2b662f5711d5cbfbb83f09035c152
a3c7a5eaa624a59987922d2d4a4ff1885be57771145c7b9b80d58021f86e7f66
ada5faeab0ddad466623705895d4a8eb5432921c44c95534962f5a9db861da3a
ae46bc165a3b20944a07e5591a2d7593e4c98e9c3a792ff5ae7f4a5d515059b8
bb1eb810b0fa5ad3d6ff9d0e8b2c7fe1d50249d0c22a47b7d5b195534a649666
bc7ca04639932d80122a3b3d552115c9877601c2368a08b09ca092ce53f00548
c55c7059e808ad6918ef2ab84f111aef43358687ef45873f668c61240905b798
cde2081451e2cbed947ccc4aebcd294d7a96224084e26a167fabb67fd0d55917
e1e52bd8af04b59f414337c0c107655c74019a8555cec4f399c7d5716e6bcdcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0
ed47babcdfca4f506a15afce02631af2cc3e9335558090ea9d5328bd5d5bc7af
f73b75df68ac491ab6b3f792fbde19d5811f81fb5c918436e27621764f1aaacb
fcd9225b9818c4ab0636f4a8808f056873283f6b4e3fed7b4b0b9a3589cdec83