play.rtrwns.xyz Open in urlscan Pro
103.71.153.204  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response play.rtrwns.xyz/	125 KB 17 KB	1513ms 248ms	Document text/html	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash dfcbb195a59b43c10bc3d9afef5187ff587663160f297ca68caa47f4bce127cf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Fri, 02 Aug 2024 20:48:27 GMT etag W/"66abce1e-1f2c7" last-modified Thu, 01 Aug 2024 18:04:14 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	index.css play.rtrwns.xyz/statics/	679 KB 105 KB	500ms 499ms	Stylesheet text/css	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://play.rtrwns.xyz/statics/index.css?id=2 Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 43cc8900f22e7e777789d2eae05a22c87a63f67831e031094302fe25d6b1a04b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:27 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 24 Jul 2024 06:33:06 GMT server nginx etag W/"66a0a022-a9b3f" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Sat, 03 Aug 2024 08:48:27 GMT
GET H2	200	index1.css play.rtrwns.xyz/statics/	16 KB 2 KB	1242ms 1241ms	Stylesheet text/css	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://play.rtrwns.xyz/statics/index1.css Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 91f7a2dac472c9865656e6db4c02bd35dd68f0cbed3c1a23be7bb6b85c54725f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:27 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 24 Jul 2024 06:33:06 GMT server nginx etag W/"66a0a022-3ed2" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Sat, 03 Aug 2024 08:48:27 GMT
GET H2	200	unnamed.png play.rtrwns.xyz/statics/	348 KB 349 KB	1242ms 1241ms	Image image/png	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Show image Full URL https://play.rtrwns.xyz/statics/unnamed.png Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash c716526ef5e2a779c422afc4e48a287e329a405bac0c7ba29b6fbffce8d5e565 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:27 GMT strict-transport-security max-age=31536000 last-modified Wed, 24 Jul 2024 06:33:11 GMT server nginx etag "66a0a027-5718c" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 356748 expires Sun, 01 Sep 2024 20:48:27 GMT
GET H2	200	unnamed(1).webp play.rtrwns.xyz/statics/	506 B 659 B	1241ms 1241ms	Image image/webp	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Show image Full URL https://play.rtrwns.xyz/statics/unnamed(1).webp Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 032048525671e4f2de20a3510c3dabac7034ac1b98a06b4c51da008e422378f5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:27 GMT strict-transport-security max-age=31536000 last-modified Wed, 24 Jul 2024 06:33:07 GMT server nginx etag "66a0a023-1fa" content-type image/webp accept-ranges bytes content-length 506
GET H2	200	unnamed1.jpg play.rtrwns.xyz/statics/	237 KB 237 KB	978ms 974ms	Image image/jpeg	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Show image Full URL https://play.rtrwns.xyz/statics/unnamed1.jpg Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 64636a654ce3dcee90aa79dad86ec0c6d7a1d84481b7089995274af71eb26557 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 30 Jul 2024 16:02:05 GMT server nginx etag "66a90e7d-3b3d1" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 242641 expires Sun, 01 Sep 2024 20:48:30 GMT
GET H2	200	unnamed2.jpg play.rtrwns.xyz/statics/	124 KB 125 KB	976ms 975ms	Image image/jpeg	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Show image Full URL https://play.rtrwns.xyz/statics/unnamed2.jpg Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 359b26d0c6657d0e8fad1e3b8991087f9a047d647c645a78547107c4e0abe17d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 30 Jul 2024 16:02:05 GMT server nginx etag "66a90e7d-1f0ad" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 127149 expires Sun, 01 Sep 2024 20:48:30 GMT
GET H2	200	unnamed3.jpg play.rtrwns.xyz/statics/	185 KB 185 KB	976ms 975ms	Image image/jpeg	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Show image Full URL https://play.rtrwns.xyz/statics/unnamed3.jpg Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 338f802df0efe4b69de22e332d211cf7dee12b1f46b3790be63719ffe24f5856 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 30 Jul 2024 16:02:05 GMT server nginx etag "66a90e7d-2e2fc" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 189180 expires Sun, 01 Sep 2024 20:48:30 GMT
GET H2	200	unnamed4.jpg play.rtrwns.xyz/statics/	268 KB 268 KB	976ms 975ms	Image image/jpeg	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Show image Full URL https://play.rtrwns.xyz/statics/unnamed4.jpg Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 41af01f5011e61d2d0c2e1e17e5fb7a441ef532735a07d7157df485bc26515e8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 30 Jul 2024 16:02:06 GMT server nginx etag "66a90e7e-42f78" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 274296 expires Sun, 01 Sep 2024 20:48:30 GMT
GET H2	200	unnamed5.jpg play.rtrwns.xyz/statics/	153 KB 153 KB	977ms 975ms	Image image/jpeg	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Show image Full URL https://play.rtrwns.xyz/statics/unnamed5.jpg Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 171ba512ca6c32a8cd3e177e708087ccbd1e6d4e142b1e0401f0e9d651eabd4d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 30 Jul 2024 16:02:05 GMT server nginx etag "66a90e7d-26421" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 156705 expires Sun, 01 Sep 2024 20:48:30 GMT
GET H2	200	iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw play-lh.googleusercontent.com/	200 B 499 B	428ms 37ms	Image image/webp	172.217.16.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f22.1e100.net Software fife / Resource Hash 8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:43:04 GMT x-content-type-options nosniff age 624 content-disposition inline;filename="unnamed.webp" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 03 Aug 2024 20:43:04 GMT
GET H2	200	12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw play-lh.googleusercontent.com/	244 B 307 B	430ms 40ms	Image image/webp	172.217.16.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f22.1e100.net Software fife / Resource Hash 6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:43:04 GMT x-content-type-options nosniff age 624 content-disposition inline;filename="unnamed.webp" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 244 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 03 Aug 2024 20:43:04 GMT
GET H2	200	W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw play-lh.googleusercontent.com/	200 B 259 B	433ms 43ms	Image image/webp	172.217.16.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f22.1e100.net Software fife / Resource Hash 329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 19:27:59 GMT x-content-type-options nosniff age 5129 content-disposition inline;filename="unnamed.webp" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 03 Aug 2024 19:27:59 GMT
GET H2	200	ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw play-lh.googleusercontent.com/	164 B 254 B	428ms 39ms	Image image/webp	172.217.16.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f22.1e100.net Software fife / Resource Hash de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 19:27:59 GMT x-content-type-options nosniff age 5129 content-disposition inline;filename="unnamed.webp" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 164 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 03 Aug 2024 19:27:59 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	225 KB 60 KB	325ms 9ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 02 Aug 2024 20:53:28 GMT document-policy force-load-at-top x-fb-server-load 34 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58865 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1380, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug AvY/h6lqHR1u6uDQeJDj8SSQGjfqwTMKHNMGuqJCAHw1cAjsXbkIWbM+nOvlFKKKmf9bHab9vmvvOyKGwF6krA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	axios.js Show response play.rtrwns.xyz/statics/	24 KB 9 KB	976ms 975ms	Script application/javascript	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://play.rtrwns.xyz/statics/axios.js Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 144607d3e4b0f2319001316cc48340edcd7a2cff3001ecea27a6436c453fbc21 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:30 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 24 Jul 2024 06:33:00 GMT server nginx etag W/"66a0a01c-5f47" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Sat, 03 Aug 2024 08:48:30 GMT
GET H2	200	unnamed.png play.rtrwns.xyz/statics/	348 KB 0	1ms 1ms	Image image/png	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Show image Full URL https://play.rtrwns.xyz/statics/unnamed.png Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash c716526ef5e2a779c422afc4e48a287e329a405bac0c7ba29b6fbffce8d5e565 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:27 GMT last-modified Wed, 24 Jul 2024 06:33:11 GMT server nginx etag "66a0a027-5718c" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 356748 expires Sun, 01 Sep 2024 20:48:27 GMT
GET H2	200	4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2 fonts.gstatic.com/s/googlesans/v29/	24 KB 24 KB	424ms 44ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2 Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/statics/index1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ Origin https://play.rtrwns.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 14:59:41 GMT x-content-type-options nosniff age 280427 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24652 x-xss-protection 0 last-modified Tue, 23 Feb 2021 01:47:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 30 Jul 2025 14:59:41 GMT
GET H2	200	Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2 fonts.gstatic.com/s/googlematerialicons/v137/	227 KB 227 KB	468ms 89ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2 Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/statics/index1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ Origin https://play.rtrwns.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 17:20:12 GMT x-content-type-options nosniff age 271996 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 232676 x-xss-protection 0 last-modified Mon, 08 May 2023 17:53:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 30 Jul 2025 17:20:12 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/	15 KB 16 KB	415ms 36ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/statics/index1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ Origin https://play.rtrwns.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 17:14:01 GMT x-content-type-options nosniff age 272367 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 30 Jul 2025 17:14:01 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/	15 KB 15 KB	458ms 79ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/statics/index1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ Origin https://play.rtrwns.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 09:11:37 GMT x-content-type-options nosniff age 301311 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 30 Jul 2025 09:11:37 GMT
GET H2	200	kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJHMXBBA.woff2 fonts.gstatic.com/s/materialiconsextended/v149/	159 KB 159 KB	489ms 109ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJHMXBBA.woff2 Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/statics/index1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash eb0d08cd57a01d44f44f37b98e603ccfc0cd12f8e3bd6e3f86183fb8e50f585c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ Origin https://play.rtrwns.xyz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 12:25:48 GMT x-content-type-options nosniff age 116860 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 162852 x-xss-protection 0 last-modified Thu, 25 Aug 2022 00:15:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Aug 2025 12:25:48 GMT
GET H2	200	ACg8ocIUSKhFU5JMYTTZVswOVjVHusNTaERqGJWdtQxG-yhXdhs5Uw=s32-rw-mo play-lh.googleusercontent.com/a/	130 B 218 B	411ms 41ms	Image image/webp	172.217.16.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a/ACg8ocIUSKhFU5JMYTTZVswOVjVHusNTaERqGJWdtQxG-yhXdhs5Uw=s32-rw-mo Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f22.1e100.net Software fife / Resource Hash 5fdfcd4ba2f249f67fc22608deede2c0b4dace8ced7fd8be1300e9d5f713c4a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 18:34:49 GMT x-content-type-options nosniff server fife age 8319 vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.webp" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 130 x-xss-protection 0 expires Sat, 03 Aug 2024 18:34:49 GMT
GET H2	200	ALV-UjVj9S_eq7mh7Q75tOe7PetDZVfR8A15d93xA8GYSc8bLGLaisK0=s32-rw play-lh.googleusercontent.com/a-/	2 KB 2 KB	412ms 43ms	Image image/webp	172.217.16.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a-/ALV-UjVj9S_eq7mh7Q75tOe7PetDZVfR8A15d93xA8GYSc8bLGLaisK0=s32-rw Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f22.1e100.net Software fife / Resource Hash 09e37e4a37a5eb7438d218ba770c1f8993be43b973219c5f81ce15d8c288e2a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 18:34:49 GMT x-content-type-options nosniff age 8319 content-disposition inline;filename="unnamed.webp" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2298 x-xss-protection 0 server fife etag "v3361" vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 03 Aug 2024 18:34:49 GMT
GET H2	200	ACg8ocIPLLiMzN0PikqoieMMZPDxENDSeCuXi-foffOP18qCOrGHQw=s32-rw-mo play-lh.googleusercontent.com/a/	204 B 265 B	39ms 36ms	Image image/webp	172.217.16.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/a/ACg8ocIPLLiMzN0PikqoieMMZPDxENDSeCuXi-foffOP18qCOrGHQw=s32-rw-mo Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f22.1e100.net Software fife / Resource Hash db6dde9a3d2440d4a46e3463ba9bfa4895873278521dd02c131579ea2d1d546e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 18:34:49 GMT x-content-type-options nosniff server fife age 8319 vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.webp" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 204 x-xss-protection 0 expires Sat, 03 Aug 2024 18:34:49 GMT
GET H2	200	478156344590965 Show response connect.facebook.net/signals/config/	72 KB 15 KB	148ms 147ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/478156344590965?v=2.9.164&r=stable&domain=play.rtrwns.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash eb7db9dc105b99cee52572bfe71d970074c5e2d7555d6d7d12963fd9d4435673 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 02 Aug 2024 20:53:28 GMT document-policy force-load-at-top x-fb-server-load 44 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=12, rtx=0, c=62, mss=1380, tbw=64388, tp=-1, tpl=-1, uplat=140, ullat=0 pragma public x-fb-debug qYAwMorV+MFZGyWSiPpV5qX77X2dJdpPGR14LFxTgiWhOZ0xvyeRVOTUlT5ruJWSg9p2X6Lt6EIB4mStZgtiCg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 273 B	326ms 8ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=478156344590965&ev=PageView&dl=https%3A%2F%2Fplay.rtrwns.xyz%2F&rl=&if=false&ts=1722632008245&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722632008243.122584003809296223&cs_est=true&ler=empty&cdl=API_unavailable&it=1722632008077&coo=false&rqm=GET Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1380, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 02 Aug 2024 20:53:28 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	538ms 220ms	Image image/png	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=478156344590965&ev=PageView&dl=https%3A%2F%2Fplay.rtrwns.xyz%2F&rl=&if=false&ts=1722632008245&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722632008243.122584003809296223&cs_est=true&ler=empty&cdl=API_unavailable&it=1722632008077&coo=false&rqm=FGET Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Fri, 02 Aug 2024 20:53:28 GMT document-policy force-load-at-top x-fb-server-load 63 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398648138817084327", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1380, tbw=3090, tp=-1, tpl=-1, uplat=211, ullat=0 pragma no-cache x-fb-debug uyg1aWfKoOOd9qFrW7sIVmLTWvpt5hrE//Sc9tw5FgXjf8pMWfDW/1YshHHkmgdrZgTYU4lOkgyZQ75u1Pr/mA== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398648138817084327"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	stattistic.js Show response play.rtrwns.xyz/statics/	838 B 1 KB	249ms 249ms	Script application/javascript	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://play.rtrwns.xyz/statics/stattistic.js Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 4260cdef311b7583ebd774f5f102b5da904e95157745c8ef0d795283907b9343 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:45 GMT strict-transport-security max-age=31536000 last-modified Thu, 01 Aug 2024 18:04:25 GMT server nginx etag "66abce29-346" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 838 expires Sat, 03 Aug 2024 08:48:45 GMT
GET H2	200	add Show response stapi.666ed.com/ads/statistic/	2 B 233 B	1251ms 328ms	XHR application/json	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://stapi.666ed.com/ads/statistic/add?uuid=205dc3491c6140c2a04d97d592b2a3ad&address=com.rtrwns.ganesha&type=luodiye Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/statics/axios.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:47 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://play.rtrwns.xyz cache-control no-cache access-control-allow-credentials true content-length 2
GET H2	404	favicon.ico play.rtrwns.xyz/	548 B 611 B	249ms 249ms	Other text/html	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://play.rtrwns.xyz/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:46 GMT server nginx content-length 548 content-type text/html
GET H2	200	add Show response stapi.666ed.com/ads/statistic/	2 B 232 B	326ms 325ms	XHR application/json	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://stapi.666ed.com/ads/statistic/add?uuid=205dc3491c6140c2a04d97d592b2a3ad&address=com.rtrwns.ganesha&type=click Requested by Host: play.rtrwns.xyz URL: https://play.rtrwns.xyz/statics/axios.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 02 Aug 2024 20:48:50 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://play.rtrwns.xyz cache-control no-cache access-control-allow-credentials true content-length 2
GET H2	200	/ www.facebook.com/tr/	0 125 B	9ms 8ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=478156344590965&ev=DownloadAPK&dl=https%3A%2F%2Fplay.rtrwns.xyz%2F&rl=&if=false&ts=1722632027811&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1722632008243.122584003809296223&ler=empty&cdl=API_unavailable&it=1722632008077&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1380, tbw=6498, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 02 Aug 2024 20:53:47 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 854 B	116ms 116ms	Image image/png	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=478156344590965&ev=DownloadAPK&dl=https%3A%2F%2Fplay.rtrwns.xyz%2F&rl=&if=false&ts=1722632027811&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1722632008243.122584003809296223&ler=empty&cdl=API_unavailable&it=1722632008077&coo=false&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://play.rtrwns.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Fri, 02 Aug 2024 20:53:47 GMT document-policy force-load-at-top x-fb-server-load 41 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398648219657941085", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1380, tbw=6667, tp=-1, tpl=-1, uplat=107, ullat=0 pragma no-cache x-fb-debug QmgLQPFp7DCbAEhw2OtOZRqFAqyTu6pg+usjFgkbGSfyG1IMYop7VLvXbuGdF4gxzeTkRa6tXj/rckGBORkdeA== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398648219657941085"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	JL9Bet.apk play.rtrwns.xyz/statics/	0 0	496ms 496ms	Document application/octet-stream	103.71.153.204 HIITL-AS-AP Hong ...
General Check archive.org Show headers Download Go to Full URL https://play.rtrwns.xyz/statics/JL9Bet.apk? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.71.153.204 , Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://play.rtrwns.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 6440053 content-type application/octet-stream date Fri, 02 Aug 2024 20:48:50 GMT etag "66abcdd0-624475" last-modified Thu, 01 Aug 2024 18:02:56 GMT server nginx strict-transport-security max-age=31536000

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gotoRef function| loadScript function| fbq function| _fbq function| axios string| url string| packageName function| guid function| getUUID function| saveStatistic boolean| isLoad

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rtrwns.xyz/	1970-01-21 00:40:08	Name: _fbp Value: fb.1.1722632008243.122584003809296223

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://play.rtrwns.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.gstatic.com
play-lh.googleusercontent.com
play.rtrwns.xyz
stapi.666ed.com
www.facebook.com
103.71.153.204
142.250.186.131
157.240.0.35
157.240.0.6
172.217.16.214
032048525671e4f2de20a3510c3dabac7034ac1b98a06b4c51da008e422378f5
09e37e4a37a5eb7438d218ba770c1f8993be43b973219c5f81ce15d8c288e2a8
144607d3e4b0f2319001316cc48340edcd7a2cff3001ecea27a6436c453fbc21
171ba512ca6c32a8cd3e177e708087ccbd1e6d4e142b1e0401f0e9d651eabd4d
329ad3c7ac436f964c7a8cfcc6a74c859b51cdabd8974a65f0836410b11f2dc5
338f802df0efe4b69de22e332d211cf7dee12b1f46b3790be63719ffe24f5856
359b26d0c6657d0e8fad1e3b8991087f9a047d647c645a78547107c4e0abe17d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41af01f5011e61d2d0c2e1e17e5fb7a441ef532735a07d7157df485bc26515e8
4260cdef311b7583ebd774f5f102b5da904e95157745c8ef0d795283907b9343
43cc8900f22e7e777789d2eae05a22c87a63f67831e031094302fe25d6b1a04b
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fdfcd4ba2f249f67fc22608deede2c0b4dace8ced7fd8be1300e9d5f713c4a6
64636a654ce3dcee90aa79dad86ec0c6d7a1d84481b7089995274af71eb26557
6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284
8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627
91f7a2dac472c9865656e6db4c02bd35dd68f0cbed3c1a23be7bb6b85c54725f
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c716526ef5e2a779c422afc4e48a287e329a405bac0c7ba29b6fbffce8d5e565
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
db6dde9a3d2440d4a46e3463ba9bfa4895873278521dd02c131579ea2d1d546e
de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec
dfcbb195a59b43c10bc3d9afef5187ff587663160f297ca68caa47f4bce127cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0d08cd57a01d44f44f37b98e603ccfc0cd12f8e3bd6e3f86183fb8e50f585c
eb7db9dc105b99cee52572bfe71d970074c5e2d7555d6d7d12963fd9d4435673