URL: https://payauth.panicbot.xyz/
Submission: On December 23 via automatic, source certstream-suspicious — Scanned from FI

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 15 HTTP transactions. The main IP is 135.181.218.163, located in Helsinki, Finland and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is payauth.panicbot.xyz.
TLS certificate: Issued by E6 on December 23rd 2024. Valid for: 3 months.
This is the only time payauth.panicbot.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
5 | 135.181.218.163 | 24940 | (HETZNER-A...)
1 | 2606:4700:10:... | 13335 | (CLOUDFLAR...)
6 | 68.183.192.165 | 14061 | (DIGITALOC...)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 142.250.181.227 | 15169 | (GOOGLE)
1 | 148.113.163.172 | 16276 | (OVH OVH SAS)
Total: 15 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
6 | remotejs.com | remotejs.com | 76 KB
5 | panicbot.xyz | payauth.panicbot.xyz | 662 KB
1 | trackjs.com | usage.trackjs.com (Cisco Umbrella Rank: 2933) | 273 B
1 | gstatic.com | fonts.gstatic.com | 29 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 762 B
1 | xumm.app | xumm.app | 6 KB
Total: 15 requests, 6 domains

Requests | Domain | Requested by
6 | remotejs.com | payauth.panicbot.xyz, remotejs.com
5 | payauth.panicbot.xyz | payauth.panicbot.xyz
1 | usage.trackjs.com |
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | payauth.panicbot.xyz
1 | xumm.app | payauth.panicbot.xyz
Total: 15 requests, 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
payauth.panicbot.xyz | E6 | 2024-12-23 - 2025-03-23 | 3 months
xumm.app | E5 | 2024-12-05 - 2025-03-05 | 3 months
remotejs.com | R11 | 2024-11-20 - 2025-02-18 | 3 months
upload.video.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.gstatic.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.trackjs.com | RapidSSL TLS RSA CA G1 | 2024-08-05 - 2025-08-11 | a year

This page contains 1 frame:

Primary Page: https://payauth.panicbot.xyz/
Frame ID: 17F3F9D3D3B9174028EED7FD194FE8DC
Requests: 15 HTTP requests in this frame

Page Title

Pay Auth

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 33 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 4
Transfer: 774 kB
Size: 978 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payauth.panicbot.xyz/
1 KB
1 KB
Document
General
Full URL
https://payauth.panicbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.218.163 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.163.218.181.135.clients.your-server.de
Software
Caddy /
Resource Hash
744247195085fdc56975a095fed9b46a8455a8d7dd91bf7a8951a3872f5eada5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
1063
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 05:22:35 GMT
etag
"d6itr7fo4bi1tj"
last-modified
Mon, 23 Dec 2024 05:18:44 GMT
server
Caddy
vary
Accept-Encoding
xumm-xapp-sdk.min.js
xumm.app/assets/cdn/
13 KB
6 KB
Script
General
Full URL
https://xumm.app/assets/cdn/xumm-xapp-sdk.min.js?v=1.3.0
Requested by
Host: payauth.panicbot.xyz
URL: https://payauth.panicbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b7005a5ce559da2fa07e05722ddcaeb873fd93e6b6c26c675465027eda7ac7
Security Headers
Name Value
Content-Security-Policy object-src 'none'; manifest-src 'self'; frame-ancestors 'self'; default-src 'none'; script-src 'self' 'unsafe-eval' 'sha256-xZT4QgHECLfE0jlh63xgqi9PCTdAN/80U4g0/Sy0uPY=' 'sha256-fynwwNeatXCacHQ6swcxEezVAL4vYjU1A7aWVSTlQ+Q=' 'sha256-3Ey30PJkNcf9LrK7CIqrujoq79a+uJqKgYsaBDj15Eo=' polyfill.io kit.fontawesome.com *.zdassets.com xumm.zendesk.com support.xumm.app remotejs.com plausible.io; style-src 'self' 'unsafe-inline' stackpath.bootstrapcdn.com use.fontawesome.com kit-pro.fontawesome.com kit-free.fontawesome.com fonts.googleapis.com use.typekit.net p.typekit.net xaman.app xumm.app; connect-src 'self' wss://xaman.app wss://xumm.app wss://custom-node.xrpl-labs.com xaman.app xumm.app ka-f.fontawesome.com api.rss2json.com ka-p.fontawesome.com *.zdassets.com xumm.zendesk.com support.xumm.app remotejs.com plausible.io kit.fontawesome.com; img-src 'self' image-proxy.xrpl-labs.com xaman.app xumm.app media.giphy.com cdn.xaman.app cdn.xumm.pro cdn.xumm.app xumm-cdn.imgix.net xumm.nyc3.cdn.digitaloceanspaces.com badge.fury.io github.com *.cloudfront.net cdn-images-1.medium.com cdn-images-2.medium.com; font-src 'self' use.fontawesome.com kit.fontawesome.com kit-free.fontawesome.com kit-pro.fontawesome.com fonts.gstatic.com use.typekit.net ka-p.fontawesome.com ka-f.fontawesome.com; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://payauth.panicbot.xyz/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"35cd-192447c08a1"
access-control-allow-methods
GET, PUT, POST, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Mon, 23 Dec 2024 05:22:35 GMT
last-modified
Mon, 30 Sep 2024 19:50:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, PayID-Version, PayID-API-Version
strict-transport-security
max-age=31536000; includeSubDomains; preload
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'
content-security-policy
object-src 'none'; manifest-src 'self'; frame-ancestors 'self'; default-src 'none'; script-src 'self' 'unsafe-eval' 'sha256-xZT4QgHECLfE0jlh63xgqi9PCTdAN/80U4g0/Sy0uPY=' 'sha256-fynwwNeatXCacHQ6swcxEezVAL4vYjU1A7aWVSTlQ+Q=' 'sha256-3Ey30PJkNcf9LrK7CIqrujoq79a+uJqKgYsaBDj15Eo=' polyfill.io kit.fontawesome.com *.zdassets.com xumm.zendesk.com support.xumm.app remotejs.com plausible.io; style-src 'self' 'unsafe-inline' stackpath.bootstrapcdn.com use.fontawesome.com kit-pro.fontawesome.com kit-free.fontawesome.com fonts.googleapis.com use.typekit.net p.typekit.net xaman.app xumm.app; connect-src 'self' wss://xaman.app wss://xumm.app wss://custom-node.xrpl-labs.com xaman.app xumm.app ka-f.fontawesome.com api.rss2json.com ka-p.fontawesome.com *.zdassets.com xumm.zendesk.com support.xumm.app remotejs.com plausible.io kit.fontawesome.com; img-src 'self' image-proxy.xrpl-labs.com xaman.app xumm.app media.giphy.com cdn.xaman.app cdn.xumm.pro cdn.xumm.app xumm-cdn.imgix.net xumm.nyc3.cdn.digitaloceanspaces.com badge.fury.io github.com *.cloudfront.net cdn-images-1.medium.com cdn-images-2.medium.com; font-src 'self' use.fontawesome.com kit.fontawesome.com kit-free.fontawesome.com kit-pro.fontawesome.com fonts.gstatic.com use.typekit.net ka-p.fontawesome.com ka-f.fontawesome.com; upgrade-insecure-requests
cache-control
max-age=604800, public
x-dns-prefetch-control
off
x-backend
@default_backend
access-control-allow-credentials
true
referrer-policy
same-origin
x-download-options
noopen
cf-ray
8f65ea2beaed8d85-HEL
permissions-policy
camera=(), microphone=(), geolocation=()
access-control-allow-origin
*
server
cloudflare
agent.js
remotejs.com/agent/
274 KB
75 KB
Script
General
Full URL
https://remotejs.com/agent/agent.js
Requested by
Host: payauth.panicbot.xyz
URL: https://payauth.panicbot.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.183.192.165 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
0be6a48e9d94ae2579cd515d138d98d6c1da53337f2bafa8d08c4cf73e66f568

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://payauth.panicbot.xyz
Referer
https://payauth.panicbot.xyz/

Response headers

Transfer-Encoding
chunked
Access-Control-Expose-Headers
TrackJS-Correlation-Id
Cache-Control
public, max-age=0
Content-Encoding
gzip
TrackJS-Correlation-Id
79c412f0-a716-4b7c-b731-5d35b2128d42
ETag
W/"44816-190e58370f8"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Date
Mon, 23 Dec 2024 05:22:35 GMT
Last-Modified
Wed, 24 Jul 2024 16:11:55 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
css
fonts.googleapis.com/
411 B
762 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Permanent%20Marker
Requested by
Host: payauth.panicbot.xyz
URL: https://payauth.panicbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad4bfddf8655e9760246681a99d2d007b37b928b00cd6f9bd552395ad6d23087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://payauth.panicbot.xyz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 05:22:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 05:22:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 23 Dec 2024 04:19:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index-485c53bc.js
payauth.panicbot.xyz/assets/
331 KB
331 KB
Script
General
Full URL
https://payauth.panicbot.xyz/assets/index-485c53bc.js
Requested by
Host: payauth.panicbot.xyz
URL: https://payauth.panicbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.218.163 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.163.218.181.135.clients.your-server.de
Software
Caddy /
Resource Hash
b3d370a7c850850d7d3537fce30ef8f1028093be1709ec4f0ad0b054e6430391

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://payauth.panicbot.xyz
Referer
https://payauth.panicbot.xyz/

Response headers

etag
"d6itr7fo4bi179ao"
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
338640
date
Mon, 23 Dec 2024 05:22:35 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 23 Dec 2024 05:18:44 GMT
server
Caddy
vary
Accept-Encoding
index-b6865b41.css
payauth.panicbot.xyz/assets/
301 KB
301 KB
Stylesheet
General
Full URL
https://payauth.panicbot.xyz/assets/index-b6865b41.css
Requested by
Host: payauth.panicbot.xyz
URL: https://payauth.panicbot.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.181.218.163 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.163.218.181.135.clients.your-server.de
Software
Caddy /
Resource Hash
b6865b41878f4035adf7f42bcff2df5cee605255baf30f3033e18e3750fba555

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://payauth.panicbot.xyz/

Response headers

etag
"d6itr7fo4bi16lhh"
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
307781
date
Mon, 23 Dec 2024 05:22:35 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 23 Dec 2024 05:18:44 GMT
server
Caddy
vary
Accept-Encoding
/
remotejs.com/sockets/
103 B
399 B
XHR
General
Full URL
https://remotejs.com/sockets/?channelId=d0d6cdab-ec5a-e21e-c82e-bb0c8b17fc87&role=agent&id=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&url=https%3A%2F%2Fpayauth.panicbot.xyz%2F&EIO=3&transport=polling&t=PFnzved
Requested by
Host: remotejs.com
URL: https://remotejs.com/agent/agent.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.183.192.165 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8e99b4bcb36f8515bdab832e884215af1a797f2fb8fb7890f989e71211ce3ff2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Referer
https://payauth.panicbot.xyz/

Response headers

Access-Control-Allow-Origin
https://payauth.panicbot.xyz
Content-Length
103
Date
Mon, 23 Dec 2024 05:22:36 GMT
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
Access-Control-Allow-Credentials
true
zap.jpeg
payauth.panicbot.xyz/
13 KB
13 KB
Image
General
Full URL
https://payauth.panicbot.xyz/zap.jpeg
Requested by
Host: payauth.panicbot.xyz
URL: https://payauth.panicbot.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.181.218.163 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.163.218.181.135.clients.your-server.de
Software
Caddy /
Resource Hash
cbc3076b4393b155377694958028ad50755c0ba58261a6df73d404dc6ff74518

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://payauth.panicbot.xyz/

Response headers

etag
"d6itr7c14ygeail"
accept-ranges
bytes
content-length
13629
date
Mon, 23 Dec 2024 05:22:36 GMT
content-type
image/jpeg
vary
Accept-Encoding
server
Caddy
last-modified
Mon, 23 Dec 2024 05:18:43 GMT
Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
fonts.gstatic.com/s/permanentmarker/v16/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Permanent%20Marker
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://payauth.panicbot.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
534815
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 00:49:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 00:49:01 GMT
last-modified
Tue, 19 Apr 2022 17:55:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
29564
x-xss-protection
0
server
sffe
usage.gif
usage.trackjs.com/
43 B
273 B
Image
General
Full URL
https://usage.trackjs.com/usage.gif?token=1234&correlationId=7152e7ff-8421-4db6-a7a6-e559a24b422b&application=&x=c86e95ba-7a4f-4e03-9fbe-e2ec329f341e&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.113.163.172 , Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
prd-usage-5.tjsint.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://payauth.panicbot.xyz/

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Length
43
Date
Mon, 23 Dec 2024 05:22:36 GMT
Content-Type
image/gif
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
favicon.ico
payauth.panicbot.xyz/
15 KB
15 KB
Other
General
Full URL
https://payauth.panicbot.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
135.181.218.163 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.163.218.181.135.clients.your-server.de
Software
Caddy /
Resource Hash
1a8869f7bd5197b2851e46015ae796b586a2a37b1c669e92530516918837a2d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://payauth.panicbot.xyz/

Response headers

etag
"d6itr7c14ygebvy"
accept-ranges
bytes
content-length
15406
date
Mon, 23 Dec 2024 05:22:36 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
server
Caddy
last-modified
Mon, 23 Dec 2024 05:18:43 GMT
/
remotejs.com/sockets/
2 B
280 B
XHR
General
Full URL
https://remotejs.com/sockets/?channelId=d0d6cdab-ec5a-e21e-c82e-bb0c8b17fc87&role=agent&id=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&url=https%3A%2F%2Fpayauth.panicbot.xyz%2F&EIO=3&transport=polling&t=PFnzvkm&sid=witYwvaLU9fYiYZIBdNp
Requested by
Host: remotejs.com
URL: https://remotejs.com/agent/agent.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.183.192.165 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://payauth.panicbot.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://payauth.panicbot.xyz
Content-Length
2
Date
Mon, 23 Dec 2024 05:22:36 GMT
Content-Type
text/html
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
remotejs.com/sockets/
58 B
353 B
XHR
General
Full URL
https://remotejs.com/sockets/?channelId=d0d6cdab-ec5a-e21e-c82e-bb0c8b17fc87&role=agent&id=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&url=https%3A%2F%2Fpayauth.panicbot.xyz%2F&EIO=3&transport=polling&t=PFnzvkm.0&sid=witYwvaLU9fYiYZIBdNp
Requested by
Host: remotejs.com
URL: https://remotejs.com/agent/agent.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.183.192.165 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
495894ffd8a71032ee1b4034fb8b27cb80998c50c9bd90641cca65f52dd1dca1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Referer
https://payauth.panicbot.xyz/

Response headers

Access-Control-Allow-Origin
https://payauth.panicbot.xyz
Content-Length
58
Date
Mon, 23 Dec 2024 05:22:36 GMT
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
remotejs.com/sockets/
2 B
280 B
XHR
General
Full URL
https://remotejs.com/sockets/?channelId=d0d6cdab-ec5a-e21e-c82e-bb0c8b17fc87&role=agent&id=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&url=https%3A%2F%2Fpayauth.panicbot.xyz%2F&EIO=3&transport=polling&t=PFnzvms&sid=witYwvaLU9fYiYZIBdNp
Requested by
Host: remotejs.com
URL: https://remotejs.com/agent/agent.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.183.192.165 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://payauth.panicbot.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://payauth.panicbot.xyz
Content-Length
2
Date
Mon, 23 Dec 2024 05:22:36 GMT
Content-Type
text/html
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
remotejs.com/sockets/
3 B
297 B
XHR
General
Full URL
https://remotejs.com/sockets/?channelId=d0d6cdab-ec5a-e21e-c82e-bb0c8b17fc87&role=agent&id=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&url=https%3A%2F%2Fpayauth.panicbot.xyz%2F&EIO=3&transport=polling&t=PFnzvow&sid=witYwvaLU9fYiYZIBdNp
Requested by
Host: remotejs.com
URL: https://remotejs.com/agent/agent.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.183.192.165 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Referer
https://payauth.panicbot.xyz/

Response headers

Access-Control-Allow-Origin
https://payauth.panicbot.xyz
Content-Length
3
Date
Mon, 23 Dec 2024 05:22:37 GMT
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
Access-Control-Allow-Credentials
true

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| xAppSdk
  • object| _xAppSdk
  • object| telemetry
  • object| __VUE_INSTANCE_SETTERS__
  • object| __VUE_SSR_SETTERS__
  • boolean| __VUE__
  • string| agentId

0 Cookies