Submitted URL: http://cyberbotting.xyz/
Effective URL: https://cyberbotting.xyz/
Submission: On June 06 via api from US — Scanned from SG

Summary

This website contacted 19 IPs in 4 countries across 17 domains to perform 31 HTTP transactions. The main IP is 159.223.67.253, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is cyberbotting.xyz.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 27th 2024. Valid for: 3 months.
This is the only time cyberbotting.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 159.223.67.253 14061 (DIGITALOC...)
1 74.125.130.97 15169 (GOOGLE)
1 151.101.130.137 54113 (FASTLY)
1 104.19.229.21 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
4 142.251.12.157 15169 (GOOGLE)
1 65.21.74.205 24940 (HETZNER-AS)
1 192.243.59.20 39572 (ADVANCEDH...)
2 216.239.38.178 15169 (GOOGLE)
1 142.251.175.95 15169 (GOOGLE)
1 2 192.243.61.225 39572 (ADVANCEDH...)
1 172.67.218.77 13335 (CLOUDFLAR...)
2 74.125.68.94 15169 (GOOGLE)
2 104.19.230.21 13335 (CLOUDFLAR...)
1 45.133.44.9 39572 (ADVANCEDH...)
2 142.251.10.157 15169 (GOOGLE)
2 142.251.10.132 15169 (GOOGLE)
1 142.251.175.99 ()
31 19
Apex Domain
Subdomains
Transfer
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
215 KB
5 cyberbotting.xyz
cyberbotting.xyz
114 KB
3 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 9684
newassets.hcaptcha.com — Cisco Umbrella Rank: 7250
108 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
2 gstatic.com
fonts.gstatic.com
16 KB
2 whichcandiedhandgrip.com
whichcandiedhandgrip.com
6 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
300 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 260
82 KB
1 google.com
www.google.com
1 cloudimagesb.com
cdn.cloudimagesb.com — Cisco Umbrella Rank: 19713
66 KB
1 hsl.lol
hsl.lol
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
1 KB
1 topcreativeformat.com
www.topcreativeformat.com — Cisco Umbrella Rank: 74390
12 KB
1 gifyu.com
s13.gifyu.com — Cisco Umbrella Rank: 238682
796 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 824
24 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
101 KB
0 proftrafficcounter.com Failed
proftrafficcounter.com Failed
31 17
Domain Requested by
5 cyberbotting.xyz 1 redirects cyberbotting.xyz
4 pagead2.googlesyndication.com cyberbotting.xyz
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 newassets.hcaptcha.com js.hcaptcha.com
2 fonts.gstatic.com fonts.googleapis.com
2 whichcandiedhandgrip.com 1 redirects cyberbotting.xyz
2 www.google-analytics.com www.googletagmanager.com
2 cdnjs.cloudflare.com cyberbotting.xyz
cdnjs.cloudflare.com
1 www.google.com tpc.googlesyndication.com
1 cdn.cloudimagesb.com cyberbotting.xyz
1 hsl.lol cyberbotting.xyz
1 fonts.googleapis.com cyberbotting.xyz
1 www.topcreativeformat.com cyberbotting.xyz
1 s13.gifyu.com cyberbotting.xyz
1 js.hcaptcha.com cyberbotting.xyz
1 code.jquery.com cyberbotting.xyz
1 www.googletagmanager.com cyberbotting.xyz
0 proftrafficcounter.com Failed www.topcreativeformat.com
31 19

This site contains links to these domains. Also see Links.

Domain
cyberbotting.mysellix.io
rapidapi.com
discord.gg
t.me
Subject Issuer Validity Valid
cyberbotting.xyz
ZeroSSL RSA Domain Secure Site CA
2024-03-27 -
2024-06-25
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-05-13 -
2024-08-05
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
hcaptcha.com
E1
2024-05-12 -
2024-08-10
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-05-13 -
2024-08-05
3 months crt.sh
s13.gifyu.com
R3
2024-04-17 -
2024-07-16
3 months crt.sh
topcreativeformat.com
R3
2024-05-19 -
2024-08-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-05-13 -
2024-08-05
3 months crt.sh
hsl.lol
GTS CA 1P5
2024-05-14 -
2024-08-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-05-13 -
2024-08-05
3 months crt.sh
cdn.cloudimagesb.com
R3
2024-05-21 -
2024-08-19
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-05-13 -
2024-08-05
3 months crt.sh
www.google.com
GTS CA 1C3
2024-05-13 -
2024-08-05
3 months crt.sh

This page contains 9 frames:

Primary Page: https://cyberbotting.xyz/
Frame ID: C02AB7EF85654967BB382307521B4A39
Requests: 23 HTTP requests in this frame

Frame: https://hsl.lol/
Frame ID: 11E8C4ECF28D3B21948E9675D6F33EAC
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/997e24b/static/hcaptcha.html
Frame ID: 21A02BA260A38A6B91EC69A75F01E9CF
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/997e24b/static/hcaptcha.html
Frame ID: 91369C176650B95335C5F765334A12E4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
Frame ID: DF9F1D6134B94CA62B52347C13F28A8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240604/r20110914/zrt_lookup_fy2021.html
Frame ID: 713502CB3BC2A3DE9E7DCB6C9CC1F644
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4137266053138305&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717646774&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fcyberbotting.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_7~27_15&aiixl=32_9~27_3&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717646771599&bpp=3&bdt=4208&idt=2474&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7389799100682&frm=20&pv=2&ga_vid=621556188.1717646770&ga_sid=1717646774&ga_hid=484592127&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95332938%2C31084200%2C31084255%2C42532523%2C95334525%2C95334830%2C95334054%2C95334158%2C31078668&oid=2&pvsid=2171924164397824&tmod=839925257&uas=0&nvt=1&fsapi=1&fc=1920&brdim=560%2C560%2C560%2C560%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=2513
Frame ID: 120EADC621F27EDDC10FE6BBBBB1FF36
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BBC3CB9FD7AC86E7B8129CCB9FB71ED6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 967272DB42F65BCB2C3E1069D39E8EFC
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://cyberbotting.xyz/ HTTP 307
    https://cyberbotting.xyz/ HTTP 307
    http://cyberbotting.xyz/ HTTP 301
    https://cyberbotting.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

94 %
HTTPS

0 %
IPv6

17
Domains

19
Subdomains

19
IPs

4
Countries

1539 kB
Transfer

2505 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cyberbotting.xyz/ HTTP 307
    https://cyberbotting.xyz/ HTTP 307
    http://cyberbotting.xyz/ HTTP 301
    https://cyberbotting.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://whichcandiedhandgrip.com/watch.1232855480949.js?key=bc7f843d4f2190f0c5a8fc5e01d7a7c6&kw=%5B%5D&refer=https%3A%2F%2Fcyberbotting.xyz%2F&tz=8&dev=r&res=14.31&uuid= HTTP 307
  • https://whichcandiedhandgrip.com/watch.1232855480949.js?dev=r&key=bc7f843d4f2190f0c5a8fc5e01d7a7c6&kw=%5B%5D&pst=1717646832&refer=https%3A%2F%2Fcyberbotting.xyz%2F&res=14.31&rmtc=t&shu=e6d6a0d20bb31b0df608d43c8fd37e3973c2040601376370c0e09b64b6e6753a99ce2c2def4ef9cc53a8e28169106d7605ea0a43e22b3ebd6a340920449e88548f0b2861f74a27997afc1309d0b526205af9f040b6e0478f68a1bbdfbd1246&tz=8&uuid=

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cyberbotting.xyz/
Redirect Chain
  • http://cyberbotting.xyz/
  • https://cyberbotting.xyz/
  • http://cyberbotting.xyz/
  • https://cyberbotting.xyz/
4 KB
2 KB
Document
General
Full URL
https://cyberbotting.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.223.67.253 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
f29f11dbb516ec62ab87011871bfeffa4a2f85679779c1eb3cc710c0c7d8c881

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 06 Jun 2024 04:06:06 GMT
Server
nginx/1.24.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Thu, 06 Jun 2024 04:06:04 GMT
Location
https://cyberbotting.xyz/
Server
nginx/1.24.0 (Ubuntu)
js
www.googletagmanager.com/gtag/
304 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RV5T9CYJ6X
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c25a892d5fc2df52de95ca95d8b507c6089da0a14d7178a4aa2c9b8d2cb289bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103410
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 06 Jun 2024 04:06:08 GMT
jquery-3.6.1.slim.min.js
code.jquery.com/
71 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.slim.min.js
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c3c0af845b3b88735552d9d23f460a120d34a7d221d77ae52fdcc6aaf2dd78f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Origin
https://cyberbotting.xyz
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5272594
x-cache
HIT, HIT
content-length
24673
x-served-by
cache-lga21924-LGA, cache-qpg120112-QPG
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1717646769.504953,VS0,VE0
etag
W/"28feccc0-11b57"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1511, 1270
api.js
js.hcaptcha.com/1/
379 KB
108 KB
Script
General
Full URL
https://js.hcaptcha.com/1/api.js?hl=en
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c922be9f2abd972a5417610fb404a3234c71015d205cab53a7be687691ac612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110089
server
cloudflare
etag
"ae9476c202a50528d03cab9f0deb585a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
cf-ray
88f587415a4a9c6e-SIN
expires
Thu, 20 Jun 2024 04:06:11 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
633427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJHk8%2BadI8krM4zLykqCeCAbc5bybvXiwj3AlvVZPYyTQZIRXnZk6KjJA0S8Tcp2de9%2FsY5NYsn5cbsnn0jtEK3WIE%2BqqGEFQ%2BmQe5jAQInDAPo6JbnDybUhHLM3sROJvkO0edvY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88f5872f29c93e12-SIN
expires
Tue, 27 May 2025 04:06:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
155 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4137266053138305
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
36c17e31d4f50db92d926cd13a714c7f5bc8573eb393cbafdc53fae5af10008f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Origin
https://cyberbotting.xyz
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52038
x-xss-protection
0
server
cafe
etag
323289828522990595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 06 Jun 2024 04:06:11 GMT
style.css
cyberbotting.xyz/assets/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://cyberbotting.xyz/assets/css/style.css
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.223.67.253 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
049028dc6a44628d226500783efde05ec6f3c431c0184d521ec4b5b6dd9a04db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 04:06:07 GMT
Last-Modified
Sun, 25 Feb 2024 08:41:09 GMT
Server
nginx/1.24.0 (Ubuntu)
ETag
"1708850469.0375998-7058-3532198603"
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache
Content-Disposition
inline; filename=style.css
Connection
keep-alive
Content-Length
7058
SjtKm.gif
s13.gifyu.com/images/
795 KB
796 KB
Image
General
Full URL
https://s13.gifyu.com/images/SjtKm.gif
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.74.205 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.74.21.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d99033f6f62ae49b444c08bae40f7c7f792b61ee1aeae6fbcbecf511ac94cdf4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:10 GMT
last-modified
Tue, 02 Jan 2024 13:58:29 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"65941685-c6bbe"
content-length
814014
content-type
image/gif
0x0x0x0x02.js
cyberbotting.xyz/assets/js/
103 KB
103 KB
Script
General
Full URL
https://cyberbotting.xyz/assets/js/0x0x0x0x02.js
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.223.67.253 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
929e67a2d8b190534e3656b695a27ff751b3602b1844d3240ef43a058af6b35c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 04:06:09 GMT
Last-Modified
Sun, 25 Feb 2024 08:41:10 GMT
Server
nginx/1.24.0 (Ubuntu)
ETag
"1708850470.4536598-105553-59380420"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Content-Disposition
inline; filename=0x0x0x0x02.js
Connection
keep-alive
Content-Length
105553
invoke.js
www.topcreativeformat.com/bc7f843d4f2190f0c5a8fc5e01d7a7c6/
31 KB
12 KB
Script
General
Full URL
https://www.topcreativeformat.com/bc7f843d4f2190f0c5a8fc5e01d7a7c6/invoke.js
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
63fa8aac3bc975b911ee41c282ec19970d23c32c4e87c3153796468b94580931
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 04:06:09 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
c293df7ad061ffafe38d44139431b658
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/
0
0

collect
www.google-analytics.com/g/
0
246 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RV5T9CYJ6X&gtm=45je4630v9175410908za200&_p=1717646770007&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=621556188.1717646770&ul=en-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717646770&sct=1&seg=0&dl=https%3A%2F%2Fcyberbotting.xyz%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=9366&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RV5T9CYJ6X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 06 Jun 2024 04:06:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cyberbotting.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f95.1e100.net
Software
ESF /
Resource Hash
b54469a21994f21a482f3a8e006b7f887a973e9519c3d7d55d379ff2acd33c87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jun 2024 04:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 03:25:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jun 2024 04:06:11 GMT
watch.1232855480949.js
whichcandiedhandgrip.com/
Redirect Chain
  • https://whichcandiedhandgrip.com/watch.1232855480949.js?key=bc7f843d4f2190f0c5a8fc5e01d7a7c6&kw=%5B%5D&refer=https%3A%2F%2Fcyberbotting.xyz%2F&tz=8&dev=r&res=14.31&uuid=
  • https://whichcandiedhandgrip.com/watch.1232855480949.js?dev=r&key=bc7f843d4f2190f0c5a8fc5e01d7a7c6&kw=%5B%5D&pst=1717646832&refer=https%3A%2F%2Fcyberbotting.xyz%2F&res=14.31&rmtc=t&shu=e6d6a0d20bb3...
3 KB
3 KB
XHR
General
Full URL
https://whichcandiedhandgrip.com/watch.1232855480949.js?dev=r&key=bc7f843d4f2190f0c5a8fc5e01d7a7c6&kw=%5B%5D&pst=1717646832&refer=https%3A%2F%2Fcyberbotting.xyz%2F&res=14.31&rmtc=t&shu=e6d6a0d20bb31b0df608d43c8fd37e3973c2040601376370c0e09b64b6e6753a99ce2c2def4ef9cc53a8e28169106d7605ea0a43e22b3ebd6a340920449e88548f0b2861f74a27997afc1309d0b526205af9f040b6e0478f68a1bbdfbd1246&tz=8&uuid=
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
HTTP/1.1
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
00dd7835f5c9ee7f92e2dea2ffcf07c80d91297acc95557205950fe6314c222f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://cyberbotting.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Thu, 06 Jun 2024 04:06:13 GMT
Custom-Referer
https://cyberbotting.xyz
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://cyberbotting.xyz
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
8fcd3370dff65a9b7c20845073e1d9ee
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Thu, 06 Jun 2024 04:06:12 GMT
Custom-Referer
https://cyberbotting.xyz
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://cyberbotting.xyz
Location
https://whichcandiedhandgrip.com/watch.1232855480949.js?dev=r&key=bc7f843d4f2190f0c5a8fc5e01d7a7c6&kw=%5B%5D&pst=1717646832&refer=https%3A%2F%2Fcyberbotting.xyz%2F&res=14.31&rmtc=t&shu=e6d6a0d20bb31b0df608d43c8fd37e3973c2040601376370c0e09b64b6e6753a99ce2c2def4ef9cc53a8e28169106d7605ea0a43e22b3ebd6a340920449e88548f0b2861f74a27997afc1309d0b526205af9f040b6e0478f68a1bbdfbd1246&tz=8&uuid=
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
3d154861d1042566912da0ef1ab0cb4d
Expires
Thu, 01 Jan 1970 00:00:01 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/
425 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4137266053138305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
19b69bcbd63a2e5ea2c58b7818a38cb2b57b563247caa7cc3b19758a431703aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147207
x-xss-protection
0
server
cafe
etag
4684621454610740462
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jun 2024 04:06:13 GMT
/
hsl.lol/ Frame 11E8
0
0
Document
General
Full URL
https://hsl.lol/
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://cyberbotting.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f5874c2b17880d-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 06 Jun 2024 04:06:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XF7xfXkNLJXUmr3VQxAkH1cX5ifXMi8aSeAEZyf0rHODWMUuSc9AweqHKjQh%2BJz0G%2F8%2FAddLL4eDrSTgaSufUzCHzGuPJZx5FudhdRXKlJvoXmBFDhDiH9DW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://cyberbotting.xyz
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 22:09:32 GMT
x-content-type-options
nosniff
age
21401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jun 2025 22:09:32 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://cyberbotting.xyz
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 21:51:15 GMT
x-content-type-options
nosniff
age
22498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jun 2025 21:51:15 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://cyberbotting.xyz
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:14 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
118407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P2mtJJM4EuKu6caOWvkpuBqeduPEZdlj8vP5SzQp1ZPOhNl%2F9JPASMol3pL7Yw29nb3JIWNWQnVTtpIJgdWAHUnyC2zscVIQ87QTVwz%2BYb%2FR%2Fc8iOGFxLaMQF0cDbFW8Ta0aaHst"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88f58755eb5f8208-SIN
expires
Tue, 27 May 2025 04:06:14 GMT
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/997e24b/static/ Frame 21A0
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/997e24b/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://cyberbotting.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
88f5874c7a9a3de4-SIN
content-encoding
br
content-type
text/html
date
Thu, 06 Jun 2024 04:06:13 GMT
expires
Thu, 20 Jun 2024 04:06:13 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/997e24b/static/ Frame 9136
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/997e24b/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://cyberbotting.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
88f5874c7a9a3de4-SIN
content-encoding
br
content-type
text/html
date
Thu, 06 Jun 2024 04:06:13 GMT
expires
Thu, 20 Jun 2024 04:06:13 GMT
server
cloudflare
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
1658920055.png
cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/ Frame DF9F
66 KB
66 KB
Image
General
Full URL
https://cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 08 Jun 2024 04:06:14 GMT
date
Thu, 06 Jun 2024 04:06:14 GMT
last-modified
Wed, 27 Jul 2022 11:07:43 GMT
server
nginx/1.17.6
etag
"62e11c7f-10666"
content-type
image/png
cache-control
max-age=172800
accept-ranges
bytes
content-length
67174
x-proxy-cache
HIT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240604/r20110914/ Frame 7135
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240604/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://cyberbotting.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
83196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jun 2024 04:59:40 GMT
etag
3711839061170457607
expires
Wed, 19 Jun 2024 04:59:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
121 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=FOOTER&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: cyberbotting.xyz
URL: https://cyberbotting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 06 Jun 2024 04:06:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 120E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4137266053138305&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717646774&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fcyberbotting.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_7~27_15&aiixl=32_9~27_3&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717646771599&bpp=3&bdt=4208&idt=2474&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7389799100682&frm=20&pv=2&ga_vid=621556188.1717646770&ga_sid=1717646774&ga_hid=484592127&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95332938%2C31084200%2C31084255%2C42532523%2C95334525%2C95334830%2C95334054%2C95334158%2C31078668&oid=2&pvsid=2171924164397824&tmod=839925257&uas=0&nvt=1&fsapi=1&fc=1920&brdim=560%2C560%2C560%2C560%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=2513
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://cyberbotting.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 04:06:16 GMT
expires
Thu, 06 Jun 2024 04:06:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RV5T9CYJ6X&gtm=45je4630v9175410908za200&_p=1717646770007&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=621556188.1717646770&ul=en-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717646770&sct=1&seg=0&dl=https%3A%2F%2Fcyberbotting.xyz%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=7&tfd=14382&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RV5T9CYJ6X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 06 Jun 2024 04:06:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cyberbotting.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240604&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
c774274caae1b9f9049cd3827573565a829a9cfaa387742d6f4464b520d360c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12759
x-xss-protection
0
favicon.ico
cyberbotting.xyz/
2 KB
1 KB
Other
General
Full URL
https://cyberbotting.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.223.67.253 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
e30c9dce72da17abd46c55614f21930b1a2b21b56dd84ef9b9f0ed9bac34aae6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 04:06:18 GMT
Content-Encoding
gzip
Server
nginx/1.24.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cyberbotting.xyz/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 06 Jun 2024 04:06:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBC3
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://cyberbotting.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
188926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jun 2024 23:37:34 GMT
expires
Tue, 03 Jun 2025 23:37:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9672
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.99 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-olv44hDQIXG9qPD8BBeyVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://cyberbotting.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-olv44hDQIXG9qPD8BBeyVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 04:06:20 GMT
expires
Thu, 06 Jun 2024 04:06:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
proftrafficcounter.com
URL
https://proftrafficcounter.com/stats

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| _0x1e60 function| _0x3c53 object| LieDetector object| atAsyncContainers function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| WtgwbSv string| A551B8E string| uYrJItr string| uk2pcId string| KsVe0HS string| JbT1Pi6 string| ZN0WBG string| OolKCQS string| YI0i7Vz string| Him7Huv string| qWGThVd string| x463ug string| sl5Wy2m string| PtkrS3 string| jqnodBX string| rbv7c0a string| pZZvhqm string| uGNvJi string| bQ4i8A string| YBS9Ozq object| W0ASuD function| RxLG9l_ object| Fdg8I4F number| vK5fobz object| K25Wbk string| I21cxM4 string| t23goR string| q7lAXfi string| hUfTxb string| F6NtFNX string| l6bVOBK string| fCA4xtm string| xr3AYEM string| BerSCUV string| vuYhpv string| wwtdjW string| y41lKCS string| nKapd6y string| m64w3Y8 string| hCRRYtF string| djU2Uu string| kYR3cm string| _eHgvx string| YWF5jw string| jltJ2fs string| OT5hwoy string| kko7CA string| eHq3Y8V string| tSSTcoM string| bqD7wT9 string| pLCIbMu string| nhoesZA string| wAehe0 string| _ZP_ZQr string| J1OFxlT string| MmWJqj5 string| VYUJm0d string| Ea8xzC string| Kio7Dc string| Ebw4qn string| HkvDhb string| n_q1ou string| _j_Xq8 string| owTVLDE string| y71UOQ string| hwbYKC4 string| pqpJxD string| GdUVdux string| OvQzbq string| TgbtPe string| t9NpuNx string| TA2d9NU string| ZyfJXiQ string| b2UmQIq string| PQ2f2FY string| VV3QfBa string| Luqd_Nl string| qDExrto string| hBQEqkz string| HNnoSc0 string| bA25zGf string| M5WR9IL string| zN2PPrB string| hVLYYfN string| fiz511 string| ezsWTqW string| DT3NdMR string| FADTPH string| anUW4ir string| sQ8vEH string| BjyA9J string| d8sxDo string| a9Aw7a string| ryYUOsx string| OXCclWy string| HcWsqG string| DrcVaa string| NrNOvy string| ZmvTo9D string| G7OQLiU string| jviFGn0 string| AGh_lR string| uEjZ0L string| _Urg9St string| iVq5Axm string| afSL90B string| GDqpzB1 string| MPxdPWy string| IsLR5J string| N4y7zR string| yGR_jqa string| VpCWXvo string| nuar1O_ string| lkJVFjf string| MZ0kU0 string| VQbWo7o string| PnVzsaq string| mpwYFf string| SflxHti string| RV5iGK string| VBBjcU string| LBCCiDo string| sjfxkBS string| N47MxD string| ZIIxftC string| e7CPYH string| dhEzVL object| RCKsCAj object| WZ3mdO object| awE_RJi object| Dta3B9z function| x44IvIX function| DFFXv_ undefined| HQr6r7 object| eQoPid2 object| s8cYuQ function| BnRzs_6 function| XMBSxFS function| MxeKtZ function| ZgUul6o function| c_zuVKq function| OinpIPw function| rh9LFl function| KYGKORw function| eGdy2Pb function| v6ddSL object| Raven object| hcaptcha object| grecaptcha function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

11 Cookies

Domain/Path Name / Value
.cyberbotting.xyz/ Name: _ga
Value: GA1.1.621556188.1717646770
.cyberbotting.xyz/ Name: _ga_RV5T9CYJ6X
Value: GS1.1.1717646770.1.0.1717646770.0.0.0
whichcandiedhandgrip.com/ Name: u_pl
Value: 22656935
whichcandiedhandgrip.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY1NjkzNSwiayI6ImJjN2Y4NDNkNGYyMTkwZjBjNWE4ZmM1ZTAxZDdhN2M2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjUyNDI3LCJwaWQiOjE3MjQ3NDQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyNywicHQiOjQsInBrIjoiZm01Y3Y0ZGsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjQ0NzU0MzM1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTMyOTg1LCJibiI6IkNocm9tZSIsImJ2IjoiMTI1Iiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTkxLCJjIjoiU0ciLCJuIjoiU2luZ2Fwb3JlIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiU2luZ3RlbCBGaWJyZSJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3liZXJib3R0aW5nLnh5ei8iLCJhciI6W119fQ.m5lBDZhuzZW9r2quBfQ95cZjqOAUqk6_pgthsJmPTW8
whichcandiedhandgrip.com/ Name: iprcc189f2a24ee0fb3ba8a519b006615c32
Value: 3569807
whichcandiedhandgrip.com/ Name: pdhtkv
Value: true
whichcandiedhandgrip.com/ Name: uncs
Value: 1
whichcandiedhandgrip.com/ Name: pdhtkv27
Value: true
whichcandiedhandgrip.com/ Name: uncs27
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hsl.lol/ Name: cf_clearance
Value: YevMWKIuIbc..lC_RQCIqF_v62o2Btn_iidepWYF1og-1717646779-1.0.1.1-0gBt2NoGPicW.3MJhc7ikE6x_OWCtzsqrSoTQ1TkppnSMtV6RjnxqN3oLN4qDtHvtwe.iFEVIed1eGg5VpCOVg

15 Console Messages

Source Level URL
Text
javascript warning URL: https://cyberbotting.xyz/(Line 13)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/bc7f843d4f2190f0c5a8fc5e01d7a7c6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cyberbotting.xyz/(Line 13)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/bc7f843d4f2190f0c5a8fc5e01d7a7c6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
intervention info URL: https://cyberbotting.xyz/
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://cyberbotting.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (NOT FOUND)
other warning URL: https://cyberbotting.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cloudimagesb.com
cdnjs.cloudflare.com
code.jquery.com
cyberbotting.xyz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hsl.lol
js.hcaptcha.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
proftrafficcounter.com
s13.gifyu.com
tpc.googlesyndication.com
whichcandiedhandgrip.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.topcreativeformat.com
proftrafficcounter.com
104.17.24.14
104.19.229.21
104.19.230.21
142.251.10.132
142.251.10.157
142.251.12.157
142.251.175.95
142.251.175.99
151.101.130.137
159.223.67.253
172.67.218.77
192.243.59.20
192.243.61.225
216.239.38.178
45.133.44.9
65.21.74.205
74.125.130.97
74.125.68.94
00dd7835f5c9ee7f92e2dea2ffcf07c80d91297acc95557205950fe6314c222f
049028dc6a44628d226500783efde05ec6f3c431c0184d521ec4b5b6dd9a04db
0c922be9f2abd972a5417610fb404a3234c71015d205cab53a7be687691ac612
19b69bcbd63a2e5ea2c58b7818a38cb2b57b563247caa7cc3b19758a431703aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36c17e31d4f50db92d926cd13a714c7f5bc8573eb393cbafdc53fae5af10008f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63fa8aac3bc975b911ee41c282ec19970d23c32c4e87c3153796468b94580931
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
929e67a2d8b190534e3656b695a27ff751b3602b1844d3240ef43a058af6b35c
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
b54469a21994f21a482f3a8e006b7f887a973e9519c3d7d55d379ff2acd33c87
c25a892d5fc2df52de95ca95d8b507c6089da0a14d7178a4aa2c9b8d2cb289bf
c3c0af845b3b88735552d9d23f460a120d34a7d221d77ae52fdcc6aaf2dd78f0
c774274caae1b9f9049cd3827573565a829a9cfaa387742d6f4464b520d360c2
d99033f6f62ae49b444c08bae40f7c7f792b61ee1aeae6fbcbecf511ac94cdf4
e30c9dce72da17abd46c55614f21930b1a2b21b56dd84ef9b9f0ed9bac34aae6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f29f11dbb516ec62ab87011871bfeffa4a2f85679779c1eb3cc710c0c7d8c881
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c