paybits.xyz Open in urlscan Pro
2606:4700:3031::6815:2549 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paybits.xyz/
Submission Tags: analytics-framework
Submission: On April 20 via api (April 20th 2023, 12:33:07 am UTC) from US — Scanned from DE

Summary HTTP 146 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 33 IPs in 3 countries across 29 domains to perform 146 HTTP transactions. The main IP is 2606:4700:3031::6815:2549, located in United States and belongs to CLOUDFLARENET, US. The main domain is paybits.xyz.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2023. Valid for: 3 months.

This is the only time paybits.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3031::6815:2549	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
15	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:ddae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:10e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
4	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	176.9.28.133 176.9.28.133	24940 (HETZNER-AS) (HETZNER-AS)
2	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
13	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a01:4f8:c0:2... 2a01:4f8:c0:2343::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
2	136.243.22.74 136.243.22.74	24940 (HETZNER-AS) (HETZNER-AS)
4	2a01:4f8:252:... 2a01:4f8:252:561a::2	24940 (HETZNER-AS) (HETZNER-AS)
1	168.119.25.102 168.119.25.102	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2a00:1450:400... 2a00:1450:4001:813::200d	15169 (GOOGLE) (GOOGLE)
2	94.130.197.140 94.130.197.140	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	45.133.44.37 45.133.44.37	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
146	33

9 2606:4700:3031::6815:2549 (United States)

ASN13335 (CLOUDFLARENET, US)

paybits.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cryptocoinsad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)

www.chatbro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:ddae (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

socialplugin.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

8c13bf20ce.6ce0a3adc4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.28.133 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.133.28.9.176.clients.your-server.de

rt183.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a83cd3d8a2.0fed9a37d4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:2343::2 (Germany)

ASN24940 (HETZNER-AS, DE)

ntvpwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.22.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.22.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:252:561a::2 (Germany)

ASN24940 (HETZNER-AS, DE)

0b07b901e2.42de2de7b1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.102 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.102.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.197.140 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.140.197.130.94.clients.your-server.de

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.viifogyp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.37 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.cdnkimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 680 scontent-fra3-1.xx.fbcdn.net — Cisco Umbrella Rank: 8136	1 MB
15	cryptocoinsad.com cryptocoinsad.com — Cisco Umbrella Rank: 253188	376 KB
13	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	70 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	200 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130 accounts.google.com — Cisco Umbrella Rank: 92	32 KB
9	paybits.xyz paybits.xyz	693 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	564 KB
4	42de2de7b1.com 0b07b901e2.42de2de7b1.com	23 KB
4	6ce0a3adc4.com 8c13bf20ce.6ce0a3adc4.com	164 KB
3	surfe.pro static.surfe.pro — Cisco Umbrella Rank: 232844 rt183.surfe.pro — Cisco Umbrella Rank: 241685	4 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
2	cdnkimg.com i.cdnkimg.com — Cisco Umbrella Rank: 11891	25 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 30029	1 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 19110 static.a-ads.com — Cisco Umbrella Rank: 27760	162 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 28615	400 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189 socialplugin.facebook.net — Cisco Umbrella Rank: 13471	91 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	305 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	43 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	118 KB
1	viifogyp.com 1 redirects s.viifogyp.com — Cisco Umbrella Rank: 18502	128 B
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 28058	201 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 5261	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	605 B
1	ntvpwpush.com ntvpwpush.com — Cisco Umbrella Rank: 24832	654 B
1	0fed9a37d4.com a83cd3d8a2.0fed9a37d4.com	207 B
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 13007	238 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	5 KB
1	chatbro.com www.chatbro.com — Cisco Umbrella Rank: 108115	640 B
146	29

	Domain	Requested by
39	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
15	cryptocoinsad.com	paybits.xyz cryptocoinsad.com
13	www.facebook.com	connect.facebook.net static.xx.fbcdn.net
9	paybits.xyz	paybits.xyz
8	pagead2.googlesyndication.com	paybits.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	www.google.com	paybits.xyz www.gstatic.com www.google.com tpc.googlesyndication.com
4	0b07b901e2.42de2de7b1.com	8c13bf20ce.6ce0a3adc4.com paybits.xyz
4	8c13bf20ce.6ce0a3adc4.com	paybits.xyz 8c13bf20ce.6ce0a3adc4.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	accounts.google.com	2 redirects paybits.xyz
3	fonts.googleapis.com	paybits.xyz
2	i.cdnkimg.com	paybits.xyz
2	static.bookmsg.com	paybits.xyz
2	fp.metricswpsh.com	8c13bf20ce.6ce0a3adc4.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	static.surfe.pro	paybits.xyz
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.jsdelivr.net	paybits.xyz
2	www.googletagmanager.com	paybits.xyz
1	scontent-fra3-1.xx.fbcdn.net	www.facebook.com
1	s.viifogyp.com	1 redirects
1	static.a-ads.com	ad.a-ads.com
1	nereserv.com	8c13bf20ce.6ce0a3adc4.com
1	ad.a-ads.com	paybits.xyz
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ntvpwpush.com	8c13bf20ce.6ce0a3adc4.com
1	a83cd3d8a2.0fed9a37d4.com	8c13bf20ce.6ce0a3adc4.com
1	js.wpshsdk.com	8c13bf20ce.6ce0a3adc4.com
1	rt183.surfe.pro	paybits.xyz
1	socialplugin.facebook.net	connect.facebook.net
1	connect.facebook.net	paybits.xyz
1	cdnjs.cloudflare.com	paybits.xyz
1	www.chatbro.com	paybits.xyz
146	37

This site contains links to these domains. Also see Links.

Domain
discord.com
t.me
discord.gg

Subject Issuer	Validity	Valid
paybits.xyz GTS CA 1P5	`2023-04-17` - `2023-07-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.socialplugin.facebook.net DigiCert SHA2 High Assurance Server CA	`2023-01-27` - `2023-04-27`	3 months	crt.sh
8c13bf20ce.6ce0a3adc4.com R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.surfe.pro R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh
js.wpshsdk.com R3	`2023-03-27` - `2023-06-25`	3 months	crt.sh
a83cd3d8a2.0fed9a37d4.com R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
notification.tubecup.net R3	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
42de2de7b1.com R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
bookmsg.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
i.cdnkimg.com R3	`2023-03-29` - `2023-06-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://paybits.xyz/
Frame ID: 952CD3E33573420343CDD27D736CD85A
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/zrt_lookup.html
Frame ID: 0F23035CC2950C77874F883CBB480653
Requests: 1 HTTP requests in this frame

Frame: https://ntvpwpush.com/dl/cookies
Frame ID: 6FC42D0BB8BFA8F4719E5115F761644A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9547841375802912&output=html&adk=1812271804&adf=3025194257&lmt=1680384701&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpaybits.xyz%2Fhome&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681950775065&bpp=3&bdt=943&idt=246&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1482075769681&frm=20&pv=2&ga_vid=424828537.1681950774&ga_sid=1681950775&ga_hid=444827760&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44786500&oid=2&pvsid=1010255634599963&tmod=435701374&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266
Frame ID: 7392BEAA3F263DA9CAEE56300AE96572
Requests: 1 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=253147&b=394332
Frame ID: E25B5B151BB99D14F6D7C1B243E75F2F
Requests: 3 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=253147&b=396381
Frame ID: 1A138186F429ACE9A7BE91E2E171EBBF
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1923848?size=468x60
Frame ID: 211D9D67EFE11677D5C58877EB162E56
Requests: 3 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=253147&b=394304
Frame ID: 7F297DEB80642536481680F04B13FC49
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7wtsdAAAAACYA8xDhEn1mYpDzU1GUonPIgCSf&co=aHR0cHM6Ly9wYXliaXRzLnh5ejo0NDM.&hl=en&type=image&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&badge=bottomright&cb=fkf9l7v6ypiv
Frame ID: 5E123609B7D8863AA4646EF0BF80EFB8
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6Lf7wtsdAAAAACYA8xDhEn1mYpDzU1GUonPIgCSf
Frame ID: E42894B604396C0544BA4583E6F7D46F
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: E1FA8A52929058566B38BED3D4FD193D
Requests: 19 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show_slider.php?a=paybits.xyz
Frame ID: D101B82372C560BA0C07A5D10D066979
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 015F9B70D3094DEAE62FCD809F6FC66D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9DA2BE79B4E6EAE155D2E6A37F0F8998
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23656646db8f24%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&container_width=4000&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&is_loaded_by_facade=true&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950783161&sdk=joey
Frame ID: E9F62EBE3B44282CE6C8CC970EC4FDD7
Requests: 39 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/customer_chat/bubble
Frame ID: 1248E21266D572BA92621D781A68009F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/customer_chat/bubble
Frame ID: BAB7594A4CFBA0FCFE277CFEF136A37D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/customer_chat/bubble
Frame ID: 599EF484E8CF238F75B6F04D501E0B62
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/customer_chat/bubble
Frame ID: 12C3370B546A8A38249B83CC4A312B6A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/customer_chat/bubble
Frame ID: 0C3E5C57086ACE216F7A79DF6762DCA9
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/customer_chat/bubble
Frame ID: 653871BAB7B2B7B4507328A8AC0BA8E9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v16.0/plugins/customer_chat/bubble
Frame ID: 000834C3AE8F112895D93F75CFE91EFA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paybits - Cryptocurrency faucetPaybits - Autofaucet

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

146
Requests

97 %
HTTPS

73 %
IPv6

29
Domains

37
Subdomains

33
IPs

3
Countries

4080 kB
Transfer

13074 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.com/invite/78vFAr2GPy

Search URL Search Domain Scan URL

URL: https://t.me/+92nwdFGY8cc1MTk0

Search URL Search Domain Scan URL

URL: https://discord.gg/jckpr8FFA6
Title: TheWalkingDev

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7TxEM8V0hArCoghkKBW2B72H4DUIvzGhG-A_c938pRdfHvXI3LeCPzekmEaiQgYNn08yCY8pg HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S1477233071%3A1681950775591827&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7QtToeO1hAqxI9n5sEdVrriO9e1XzTC9enIlK1uvi2nkHI13oIqCtfushTjlfe8oDuVKe2oBg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 85

https://s.viifogyp.com/n/435/pniesytkbfyfyatbpb7fazsmnvtqy72zbjqxq7crmzawm4ytrykdqxt3priget3mmjmvw3qemv6x4wdijngovlc2jgw2lq2hkfkeaxacrnfdckrwqk7z3exi2xbola3illq57sodkyacvwbzcnq63w6njb4u4skuki4atcciejyaghzjpbkfeocjnhbgtt2kmdmhsxwchgko4oxgj34ya56akwbthcli5xn42sfmkfx6hayatruf2rcmogcfc4ud6eb2c2bmvnhfzvubicgvaocjnfzlonj7l34hs27chffncmzgq5fi465ikvmoasestpw4pnu6v6d2wu6yjcjjx3ohw2pk7b5lkpieq2gak5gb4mqu6flcgbkdx2isnktu6fjht7sqhmodu5xgjwslhzpnk6idudlagjle6c4afiggwqygio7lciz6ebpga3dmiz4xmy7f2u5ductpffkfeocjnezkm4bcmfihqfftii6vmq3iiwooejijh5w3cscwhca4ypqqhndzyuc7tnvtfdsnjdvvg4bvmnnhsxadgqu5wyst3blszeckncbfkr53mlin5qpbh3fw2m2735h6yuxakbjzqto6ulko2tojkr46ivvhxls35vui7fr6q7f3qcg5y2xsklh4xior7ld5doddue3mnemks27zflum3velgns4pvzvkzsimbvqy4kqsjju5y3eke======?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F5983%2F983%2F6351150b145e2t1666258187r6216.jpg.webp&cpa=235d4e78-a814-4750-a1f5-c93f70ca8161&format=default-slide-b_r-body HTTP 302
https://i.cdnkimg.com/auto/192/q85/image/vk/5983/983/6351150b145e2t1666258187r6216.jpg.webp

146 HTTP transactions
25 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
paybits.xyz/ 36 KB
14 KB 331ms
298ms Document
text/html 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 37233c58b616a71373774737d7a9e819c27d52ac7f941a5fbbbe5afe09f74331

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7ba94af06a0e3a73-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 00:32:54 GMT
last-modified: Sat, 01 Apr 2023 21:31:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu%2BI0V5wlPY%2BqacLbJygf9q6vFA7LVdfRVbVgezTkGT%2BWOqsuwl%2F0xd4Ncr8KDHhvjKvRIBNINT8WHxpj0Smy%2B9Iko4WjXMPdOuwzHK9IyR47w%2FxAoVTt54ixq5HwywdaSZDVJfLlVP6lw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 61ms
24ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e69c68f5c5b6c87b4b0437ddce158f64c43653e489a7f0731492243ea115ad7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 00:32:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 74ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQ4LF88TWF

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c2c015e4fc8eaf989fd22795a32f65110a7f6734b525d340285548e1640af13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 00:32:54 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 94ms
36ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 00:32:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 00:32:54 GMT

GET
H2 200 chunk.css
paybits.xyz/Themes/basic/static/css/ 510 KB
66 KB 505ms
503ms Stylesheet
text/css 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybits.xyz/Themes/basic/static/css/chunk.css
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f1b79a0fbd89b74442e3a2d2ac78251fab12202190d2712778a9fb06603a020e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 04 Jun 2022 12:26:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"7f8f2-1812eaec714"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8X8oRfK5LNv%2FD10rHzIrnO7FaYeyYs07AwerSnTWqgZ7uOBffWSjE50Tze1iMvL6tz1b8iDABSd4BhBlL8DjXwWSS%2BKRXFU27L%2FxyMe0qQVcBm3UzGVSTWeMhOnekp4i%2FkZVNJabFsJ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7ba94af2cbcd3a73-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.chunk.css
paybits.xyz/Themes/basic/static/css/ 48 KB
11 KB 328ms
327ms Stylesheet
text/css 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybits.xyz/Themes/basic/static/css/main.chunk.css
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: abb655e98eb936f2434735836b13928b465ce62dd2fb329478431f28f837bda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 04 Jun 2022 12:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"c1ae-1812eaecacc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHEuuifACvtWqDp8ypnC8aKInVtHtGEfBJm9Baoo4kbZD7ctqQ4iL1RNv0QdHIuBl%2B4%2FT4%2FsHTIRvoA249PdWgV0m0GjMPjtQzsg5jJj0GEFATF80s73eD2iXxmUUq5UNsyXsgiE5g6feA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7ba94af2cbd03a73-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chunk.js Show response
paybits.xyz/Themes/basic/static/js/ 1 MB
400 KB 640ms
639ms Script
application/javascript 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybits.xyz/Themes/basic/static/js/chunk.js
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f61e0c3cf6870f7633ee2cb5c7c53e4c325e7850f8983fb82c314aa1334bc503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 04 Jun 2022 12:27:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"152878-1812eaf414c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlqiulrhOQWuMwBEVlaSUw7nEN6LU7MRJKUwvvG1HzUEw9ePF%2FHEFWuE5zzBsxsyB4FTboUbADq2zmXsAbngL2tzZUzTkLkPq%2BtI840T0hRR1hfdhK4FN8LsjQjOWiQRuj5tAhD%2Fhr8Grg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7ba94af2cbd13a73-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.chunk.js Show response
paybits.xyz/Themes/basic/static/js/ 288 KB
80 KB 535ms
534ms Script
application/javascript 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybits.xyz/Themes/basic/static/js/main.chunk.js
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4f4bcfbf20d608799ea8800641b188ece43e8d862ad407a7f34422eb4b9996b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 11 Jun 2022 14:32:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"481f0-181532de26a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ih4HuwfnCSCRA9TVCrCnkXrKGCdYrNyow6O9VsnwPrRDacYICv0tdeJ5g4FgAiapd19lQ13vKeSQh5yV4g6Hgeqr8MTPa2lG03Cuzk7v51ZdT3JJ9O1ldIWCEgtqOQDw%2BqoQ6jvjSIXSHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7ba94af2cbd23a73-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 popunder.js Show response
cryptocoinsad.com/ads/js/ 2 KB
1 KB 40ms
14ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/js/popunder.js
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 141653af87ad92fbaddead1fe145f2bdbaddab6357d9aaf0c2f08e83825dca46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2974
etag: W/"61f52b0b-782"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPCQKLSwT17WRrD1l6H1D%2B5t%2BhXqckBYocYh%2Fh6y8pxGc8rYahHUwxJK8JFkWqwrYDmAl%2FgPZToxUo%2FprO37yqjaLGzS1ULU1f4puznoXdVIOP%2BvuJ02AF0%2FhAsbH%2FO4a41JBQ8Eg6uxa2%2Bwsb2W1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=10800
cf-ray: 7ba94af2f88d39e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 105ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9547841375802912

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52374b1892e3ff7ad4f5bfbd09e68b241390ba2e00e39015f6471cf7f346b346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Origin: https://paybits.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47743
x-xss-protection: 0
server: cafe
etag: 1195383392240378418
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 00:32:54 GMT

GET
H2 200 slider.js Show response
cryptocoinsad.com/ads/js/ 2 KB
974 B 40ms
15ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/js/slider.js
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c92a112a43607828bba1abda112d4d6775b5553d11da9c7129dbff3ad4fa8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5618
etag: W/"61f52b0b-60c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTMbc%2B3EYsUkhRYEAykfp3qPI76tnrkYOAvHGgA4KqxCAEum%2FvceA5o5pAOJb45pUg6NNJWrBzJfIjMNtkRTgtbcCNx1yXmOOWGf7pSa%2F5vacj1GMtMFdcgQ6sDkPqfs2HPPL09VImLZTj4R%2B5FZiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=10800
cf-ray: 7ba94af2f88e39e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 63 KB
19 KB 32ms
15ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b741437f08ff5a83072016e615fb8eb59bf5c2d03defb4027ec151de9d4ae0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30271
x-jsd-version: 11.7.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA, cache-bma1677-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"fb54-2L7bOYXVT4xM2BDJlwfWdfStbCc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYdlCXLZu%2FLF1lXc%2BangtI2XvB73Fbi%2FRmjf6TdbOIgGFJ%2B4%2BwHRgMRb%2F8KDU%2FyChmYYZiWAlynJ1XUC7gKa0XWHvCG199BzSit%2BALDmpRxiR7IO2V%2FQplFCvsycBCm%2BYc5ZUVLzSDAFhDKUN2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ba94af2ec7fbbfd-FRA

GET
H2 200 embed.js Show response
www.chatbro.com/ 35 B
640 B 49ms
13ms XHR
application/json 2606:4700:3038::6815:ebcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chatbro.com/embed.js?eyJlbWJlZENoYXRzUGFyYW1ldGVycyI6W3siZW5jb2RlZENoYXRJZCI6IiJ9XSwibGFuZyI6ImVuLVVTIiwibmVlZExvYWRDb2RlIjp0cnVlfQ==
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9884a4fc9740e0d81aefb847822f2e77378ba74a56fe355e4e12452a866883bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 19 Apr 2023 22:55:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaVBGmJIV0YfwhuyK8FmKkSIiEbxU0qhB33ltCyBfENI%2FIpBp2r%2FIuMQ2xxQmM8CwRPKCgO8vYWq98CH1bxYVMbxfD6Y%2FhDxuJUkeKvmm47cybcbx%2B410VjtltNKeb5hPCbdf2sh1EYGQTslzq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://paybits.xyz
cache-control: max-age=31536000
access-control-allow-credentials: true
cf-ray: 7ba94af30bb190ef-FRA
expires: -1

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 409 KB
165 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Origin: https://paybits.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 17:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 17:16:44 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 74ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DQ4LF88TWF&gtm=45je34c0&_p=444827760&cid=424828537.1681950774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681950774&sct=1&seg=0&dl=https%3A%2F%2Fpaybits.xyz%2F&dt=Paybits%20-%20Cryptocurrency%20faucet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQ4LF88TWF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paybits.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
785 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Comfortaa:wght@300&family=Original+Surfer&family=Poppins:wght@500&display=swap

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/css/main.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

242e5afee0099d82b3e206c4befd8a1d4e31ec741292b1b2d4ea3c24cd7e125e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 00:32:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 00:32:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
887 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/css/main.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9254bbd972e39fae9a8131f960de877fac0f3df0d989a8d116aad66072dce1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 23:48:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 00:32:54 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/ 151 KB
24 KB 17ms
16ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/css/main.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4895951
x-jsd-version: 5.0.0-beta3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230038-FRA, cache-yyz4532-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"25cfb-UcVSpq1X1XvRNJScPVMSiB9RqJM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPok060xMiQTOmKbYMQNJ51XjIDEdJAzqERwQg%2ByqX%2FS%2Bodm1X2jyx%2Bjw1ZL6aS4vs7%2BaBxozUvovC61svzGVYcfTZyc6hRYf5QdPFvFWgxeC1TvGbd6rIgdurBkk4m9hLdSGUzDHqyFLfD6big%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7ba94af4dde1bbfd-FRA

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 80ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/css/main.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4478334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwgk%2Fo7m1EVyjZfmUBiaM3D4J%2BzYbymYFkXCRNKPnIY8ksXu0rlg5Hq5YBXnkLaO%2B8oIg%2F0SYoDMyPn6Ax8wb8x0UlsT%2FH28aoTbL5Gvdi5THwmB4AGMXrH6m7ixu1FFFtjWi6AQNkRSamMR5bLjMN6U"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ba94af54f8c6987-FRA
expires: Tue, 09 Apr 2024 00:32:54 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 315 KB
90 KB 26ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2531a9b1dbeee8c6b4cdad9032a10682ac111ac605aac2d406f226f2c484dcf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:32:54 GMT
content-md5: HQZO/JLWRr6pufSS6AfSuw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91009
x-fb-rlafr: 0
x-fb-debug: GfjJgEHSAi+t2ESischIE33uL2kQpiWqWDCcOCEJtM1x209QB4fJcf+qxQJQqfLTLSyTCT/tfTGKYBuVseeUaw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: d9868ab44082eea8f273bd04fe28ec26
cross-origin-opener-policy: same-origin-allow-popups
etag: "ba22bbc4d939e7cf109af831e2544028"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 20 Apr 2023 00:38:03 GMT

POST
H3 200 getInfos Show response
paybits.xyz/user/ 9 KB
3 KB 317ms
316ms XHR
application/json 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybits.xyz/user/getInfos
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/js/chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ffadf9e7288924c27f8e73ca5cec5adb162a25a7cf9b71bc54c90fbc01e71775

Request headers

Accept: application/json, text/plain, */*
Referer: https://paybits.xyz/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2333-ZjBW4/6sRjX1JZ4RDzCTxfGLHyc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BCr1LG1b0Yh%2FAeiONi3emZmRsf2zpVPNoWRnqJSxCpozeltHUlgYEMdzqFSdBeafNqT3Ofu%2FOeA4DEnbOrE0TnX8TrltifxPHSOPO81jU1OArG2SHjoRNC22MqLM97yBtxAGTC7OZiUuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 7ba94af7fc689256-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 user.gif
paybits.xyz/Images/Loaders/ 52 KB
52 KB 471ms
471ms Image
image/gif 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paybits.xyz/Images/Loaders/user.gif
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 11d10555229f1da959cea48103bdcfdfb05bcb991e8f7c85e73c585d9b25ba8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 03 Oct 2022 09:23:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"cf4a-1839d280fa4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpnrdytMFe2tKMmP1wpmQBj4AJPy%2FTn7jHZbEXlR1Q2%2F7l3iDa4cdPpipuFvmRXBy2a47G5ZlCCeFA2%2BdneXqG4ezdirrQvz790Be9wB4okbrEnAkwds1rUp4GoqrW97gqYhsdZpzJN3nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7ba94af7fc699256-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53066

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 82ms
24ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@300&family=Original+Surfer&family=Poppins:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paybits.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:35:25 GMT
x-content-type-options: nosniff
age: 136650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:35:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC5MSWJ

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

905d47d658283e755e58b7b914fa2e97bbabfe35fdd379bf018d75277f2adbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41729
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 00:32:55 GMT

GET
H2 200 net.js Show response
static.surfe.pro/js/ 4 KB
3 KB 47ms
13ms Script
application/javascript 2606:4700:3032::ac43:ddae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.surfe.pro/js/net.js

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:ddae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b7cca93edaff23020330b201d45def46d287db5da3a1222bf0875958a9adeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1057
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Mar 2023 14:25:26 GMT
server: cloudflare
etag: W/"64186cd6-1100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEPU%2BuS5dmJBZo%2BbfUBqg4yEbWAjuNlAbypNebEQ89gfxJgOAfsgJPCf0X8ot2tofdomn4TKBo%2FyoJoCj2DOT1%2BSMbQZvJLatE%2Bu%2BPCS9TqE2XAx7j6giFDDIu8qM8phkHt5MUWcOvASRLKVQebr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=(),geolocation=(self), camera=()
cf-ray: 7ba94af84e9d03ac-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 125ms
74ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9547841375802912&plah=paybits.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9547841375802912

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

433cfcf56c48525963b9518c0b5bb8c56dfd15e432b1425805452e3a2a604dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118929
x-xss-protection: 0
server: cafe
etag: 16094589133865108424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 00:32:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/ Frame 0F23 10 KB
5 KB 50ms
13ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9547841375802912

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 16:40:09 GMT
etag: 2378337311435320485
expires: Wed, 03 May 2023 16:40:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
socialplugin.facebook.net/new_domain_gating/ 40 B
1 KB 73ms
39ms XHR
application/json 2a03:2880:f083:10e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=106982865257240&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:10e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:32:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: OpFp6bD9d4Ae1BvNu7lUcFZPH2Y7guksqkhglTEHttRUadcwNbXg0b1fANMjYaKIu2toaUHNLh+F7rpiCvEpeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/json; charset=utf-8
x-frame-options: DENY
access-control-allow-origin: https://paybits.xyz
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

HEAD
H2 200 net.js
static.surfe.pro/js/ 0
0 30ms
12ms Fetch
application/javascript 2606:4700:3032::ac43:ddae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.surfe.pro/js/net.js

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:ddae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3070
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Mar 2023 14:25:26 GMT
server: cloudflare
etag: W/"64186cd6-1100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1CT3l%2Fk7nLZw103rCX3w6HgBl74d98p%2ByvJ7bnHulkZVWAbG4WZtp6udcOo2II4rXbWHGBF4L97i15aYk1cTl3jkLCMf8C2aZuZh4RQRGis7rcOFdDSfeP4f%2BeT0VcE6ssDA7B44Cdec3yPcOQz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=(),geolocation=(self), camera=()
cf-ray: 7ba94af8682cbb4f-FRA

GET
H2 200 d01ef4a20895147b200e26bf795ad66f.js Show response
8c13bf20ce.6ce0a3adc4.com/ 154 KB
55 KB 39ms
7ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://8c13bf20ce.6ce0a3adc4.com/d01ef4a20895147b200e26bf795ad66f.js
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f8eb5d7ec73949baa68e77fe7c26a1753af2c98f93869253d9b8ce1cdcd6b213

Request headers

Referer: https://paybits.xyz/
Origin: https://paybits.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 00:37:55 GMT
date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2023 14:39:52 GMT
server: nginx/1.18.0
etag: W/"643ffd38-267bd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

POST
H2 200 teaser Show response
rt183.surfe.pro/net/ 0
399 B 51ms
13ms XHR
text/html 176.9.28.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rt183.surfe.pro/net/teaser?sid=1&w=1600&seed=48215289050041243&doc_ref=&href=aHR0cHM6Ly9wYXliaXRzLnh5ei9ob21l
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 176.9.28.133 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.28.9.176.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: gzip
server: nginx
speed-04: site-notfound - 0.0021700859069824
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://paybits.xyz
sb-error: Unknown origin host paybits.xyz
access-control-allow-credentials: true
speed-03: site-inited-view - 0.0021660327911377
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
speed-02: preload - 0.0016460418701172

GET
H2 204 46313 Show response
8c13bf20ce.6ce0a3adc4.com/88818c6a65ab992ce519f14e4df40796/ 0
141 B 83ms
83ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://8c13bf20ce.6ce0a3adc4.com/88818c6a65ab992ce519f14e4df40796/46313?version_name=a
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/d01ef4a20895147b200e26bf795ad66f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 00:32:55 GMT
cache-control: max-age=300
expires: Thu, 20 Apr 2023 00:37:55 GMT
server: nginx/1.18.0
x-proxy-cache: MISS

GET
H2 200 wp-banners.js Show response
js.wpshsdk.com/npc/sdk/ 0
238 B 28ms
6ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/wp-banners.js
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/d01ef4a20895147b200e26bf795ad66f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 00:37:55 GMT
date: Thu, 20 Apr 2023 00:32:55 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 71317 Show response
8c13bf20ce.6ce0a3adc4.com/88818c6a65ab992ce519f14e4df40796/ 1 KB
1 KB 67ms
67ms XHR
application/json 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://8c13bf20ce.6ce0a3adc4.com/88818c6a65ab992ce519f14e4df40796/71317?version_name=a
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/d01ef4a20895147b200e26bf795ad66f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2b41c600ef51fbd31888250790a91dfcf3982634698a9f64bbbc2f3e980aa17d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 00:37:55 GMT
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.18.0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
content-length: 1051
x-proxy-cache: MISS

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
2 KB 73ms
41ms XHR
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df154ea2451b9c8%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950775156&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:32:55 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 0TaB6SA+5IpHa4oR4uTAJuY6BsSIntb4E6roYgJoT6zJnjewNKlnqxLdXslLey3zAjCTVjlV8Q1VkX9GuurWvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://paybits.xyz
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 1 KB
871 B 92ms
62ms XHR
application/json 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df154ea2451b9c8%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&is_loaded_by_facade=true&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950775156&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4ec31d8b82dae12fca9c7354456f30a106830d59073b8767ac1a7ad7546b884

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 20 Apr 2023 00:32:55 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: cGLJLMlf5rOfQlM8EUHsqB6oMLd/yq5q0GrzG/snuSsWm4BTaQBG0zl0AumszS5yV77/e3XwMyq52J0dckK69w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
x-frame-options: DENY
access-control-allow-origin: https://paybits.xyz
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 track Show response
a83cd3d8a2.0fed9a37d4.com/in/ 0
207 B 65ms
27ms XHR
text/plain 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a83cd3d8a2.0fed9a37d4.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDcwMTE3NTM4OTU4NzU2NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjQ1LjAiLCJ0YWdfaWQiOjcxMzE3LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjIsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4xMSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiUGF5Yml0cyUyQ0NyeXB0b2N1cnJlbmN5JTJDZmF1Y2V0JTJDQmVzdCUyQ0F1dG9mYXVjZXQlMkN0byUyQ2Vhcm4lMkNmcmVlJTJDY3J5cHRvJTJDZXZlcnklMkMxJTJDTWludXRlJTJDRWFybiUyQ0JpdGNvaW4lMkMlNUMlMkNFdGhlcnVtJTJDJTVDJTJDU2hpYmElMkMlNUMlMkNUcm9uJTJDYW5kJTJDTW9yZSUyQ2RpcmVjdCUyQ3RvJTJDeW91ciUyQ0ZhdWNldHBheSUyQ2FuZCUyQ0JpbmFuY2VQYXklMkNhY2NvdW50cyUyQy4ifQ==
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/d01ef4a20895147b200e26bf795ad66f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 cookies Show response
ntvpwpush.com/dl/ Frame 6FC4 620 B
654 B 39ms
10ms Document
text/html 2a01:4f8:c0:2343::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ntvpwpush.com/dl/cookies
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/d01ef4a20895147b200e26bf795ad66f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:c0:2343::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 252020519b9481bc71c10e8ba9fc22d687d4718b5dde817ce56b6e26b0353076

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Thu, 20 Apr 2023 00:32:55 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 826b4f93bd6a873268fe38be4f9aac9f.js Show response
8c13bf20ce.6ce0a3adc4.com/ 454 KB
108 KB 27ms
13ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://8c13bf20ce.6ce0a3adc4.com/826b4f93bd6a873268fe38be4f9aac9f.js
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/d01ef4a20895147b200e26bf795ad66f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fe6d621a92e8cea7b25f47476046a3adba189ef9156170cc6530af9d7cdc2d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 00:37:55 GMT
date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 10:16:16 GMT
server: nginx/1.18.0
etag: W/"643e6df0-71960"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
124 B 44ms
44ms XHR
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df154ea2451b9c8%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=112&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950775268&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:32:55 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: fIH4lZtTPjV1yZDIcN1W1cu1pBTYIKMS3lMQ5h7LPyIey+LEse9M6zFwxJVcjVKvyCzpnHCEexAu6Hhbdx0wCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://paybits.xyz
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
605 B 127ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paybits.xyz&callback=_gfp_s_&client=ca-pub-9547841375802912

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9547841375802912&plah=paybits.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab24a2acc3574b6ad478c7cfc4229eebfe35aa849744f7e6e867ce82fcff0d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 120ms
34ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paybits.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 72ms
22ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paybits.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=ccnsad-pop&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=ccnsad-pop&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7392 603 B
218 B 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9547841375802912&output=html&adk=1812271804&adf=3025194257&lmt=1680384701&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpaybits.xyz%2Fhome&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681950775065&bpp=3&bdt=943&idt=246&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1482075769681&frm=20&pv=2&ga_vid=424828537.1681950774&ga_sid=1681950775&ga_hid=444827760&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44786500&oid=2&pvsid=1010255634599963&tmod=435701374&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 00:32:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 43ms
12ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=71317
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paybits.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://paybits.xyz
Connection: keep-alive
Date: Thu, 20 Apr 2023 00:32:55 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 28 B
400 B 95ms
70ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=71317
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/d01ef4a20895147b200e26bf795ad66f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f00c1af8def99b0ff21a3723a79016c9a169bb03ef0006b74b1b7253e7a99044

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 20 Apr 2023 00:32:55 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://paybits.xyz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 28

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame E25B 2 KB
1 KB 147ms
146ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=394332
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/js/chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: fb13c3cbe434759f1ee567660cfc8277250c7a3e81c4e025ae5014fe417edcf1

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ba94afa2bdd39e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 00:32:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVqW3WkXMW6ldMfSma8tJ%2Bg%2FWetHxp1s8iytWkhYJpyJkO7weCAXwrwNHSpoUAio%2FgT%2BqwmqEq7jFdrnJdJmLPLz7G9vbxBHROrBzjMYS1ZqgEl%2B2ez5Bynw08wKPgkDDmLYXC8en3LbNPaGK0ag9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame 1A13 2 KB
1 KB 154ms
154ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=396381
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/js/chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: aae42162a1576ddc488b38fb6022d9c1053191a71742eef11ce71235c8a57b72

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ba94afa2bde39e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 00:32:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAZYcTZsBeeOhOf505hA%2FQXAePiwwqgI1IppxEotsa4QGFooZ7NyoEZT8GGsrHH73oyezOJV145SJIuwIBCS9lhfDXgaPn5BftX46azjZgVVBl6h4TrSLPpJr1U6PpJ98vAZwdvhgMNY003GPNvxCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 1923848 Show response
ad.a-ads.com/ Frame 211D 12 KB
5 KB 65ms
22ms Document
text/html 136.243.22.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1923848?size=468x60

Requested by

Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/js/chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.22.74 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.74.22.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

2995e384b2095c3d2080465ca06247246fda4ebfa6d33ebb4f2a81fa9e004c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://paybits.xyz/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame 7F29 2 KB
1 KB 151ms
151ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=394304
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/js/chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: 5a5b733dbc8b52f58b34f0c2caa59d6340080934889299016ba33d6adfeb694f

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ba94afa2be139e0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 00:32:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT6LBwrRuZK%2F2XYNzaxgA7BM93QH0BhWf21H5HZqlBhr%2B0F4r4XWUR3xdVyAyDlatggF3dUXmG0OJbeN%2BfWytFF0lMy6RbwURERe9WGeH%2B7oQzY4ZGBdvOrEQwehZrFj0OWVt9cGkrQW33XvQZovGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5E12 48 KB
27 KB 38ms
38ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7wtsdAAAAACYA8xDhEn1mYpDzU1GUonPIgCSf&co=aHR0cHM6Ly9wYXliaXRzLnh5ejo0NDM.&hl=en&type=image&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&badge=bottomright&cb=fkf9l7v6ypiv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c666850386bdcce72325dde1740c1112323989ee00d9e76ea3b182736b439d86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QBgH2cFLCuvhLWeDERsfpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26993
content-security-policy: script-src 'report-sample' 'nonce-QBgH2cFLCuvhLWeDERsfpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 00:32:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 wp-banners.js Show response
paybits.xyz/ 36 KB
14 KB 380ms
379ms Script
text/html 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybits.xyz/wp-banners.js
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/Themes/basic/static/js/main.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 37233c58b616a71373774737d7a9e819c27d52ac7f941a5fbbbe5afe09f74331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 01 Apr 2023 21:31:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuD8tMw4x8OajuWw3iTVPLE56mO4AKr0dpbUmkCqZvNN3wSICQXR%2BO8bueuX0QegjNTiZGOP2q43BFde0oI7mLwZNFg4wjwGf9xbOpvDmfrIQQyY4JiY01m5q%2Fh62kS2GLJNOIpT9%2Bdu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7ba94afa4d809256-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Logo.png
paybits.xyz/Images/ 52 KB
52 KB 471ms
470ms Image
image/png 2606:4700:3031::6815:2549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paybits.xyz/Images/Logo.png
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 11d10555229f1da959cea48103bdcfdfb05bcb991e8f7c85e73c585d9b25ba8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 24 Sep 2022 21:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"cf4a-183715b161e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3hhbnVyD83751j99avQZhadK3e%2BKqpwouxBFdOm9%2BLr2X4bCMnzsScUhau59iSbtzwtHUCEIFpV0Sxj4QYEAUdmL3Rsi%2FUajosaZ60P7KwCFdz8zi9aV6N64SRZhxYPmfNvGUx%2FMpsEVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7ba94afa7d959256-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53066

GET
DATA 200
OK truncated
/ 878 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c10dfa916fa68544e3d9e3f1933c8f29565be0f27f2185b69e2c4597b63c875

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 692 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8885355c507556d3ba459725ec8fea0e533ba52536c26260d3d427e69cb8db4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6324d4f5b19324248925444a4560590eae7dd2173e54e3de06525c63fb68e56f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46feaf6331b1a9dce57f8139983138c35e4b398437d1c8c71e8789487a29c0e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0309d220c2e46017dbc9946c2c1091503279b900cd0a8b10e5e58822d6d824af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 multy
0b07b901e2.42de2de7b1.com/in/ Frame 0
0 77ms
18ms Preflight 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0b07b901e2.42de2de7b1.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paybits.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Thu, 20 Apr 2023 00:32:55 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 140ms
81ms XHR
text/plain 168.119.25.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=0&event_id=baad34d8-9519-4f5d-8167-af69511fa428&subid=1968991694&sid=2846049489&spot_id=330904&created_at=2023-04-20&timezone=0&ver=8.50.1&is_native=1
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/826b4f93bd6a873268fe38be4f9aac9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
0b07b901e2.42de2de7b1.com/in/ 22 KB
23 KB 307ms
306ms XHR
application/json 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0b07b901e2.42de2de7b1.com/in/multy
Requested by: Host: 8c13bf20ce.6ce0a3adc4.com
URL: https://8c13bf20ce.6ce0a3adc4.com/826b4f93bd6a873268fe38be4f9aac9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2b546c2613a0d12f8b635a2223dfee34f2a12c2f892b7a933dc406c7fd3fd5d1

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 22827

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7TxEM8V0hArCoghkKBW2B72H4DUIvzGhG-A_c938pRdfHvXI3LeCPzek...
https://accounts.google.com/v3/signin/identifier?dsh=S1477233071%3A1681950775591827&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7QtToeO1hAqxI9n5sEdVrriO9e1XzTC9enIlK1uvi2nkHI...

0
0

228ms
228ms

Image
text/html

2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S1477233071%3A1681950775591827&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7QtToeO1hAqxI9n5sEdVrriO9e1XzTC9enIlK1uvi2nkHI13oIqCtfushTjlfe8oDuVKe2oBg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H3
Server: 2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Thu, 20 Apr 2023 00:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FDJgQ23FWtg56iHgM6ciLQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 393
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S1477233071%3A1681950775591827&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7QtToeO1hAqxI9n5sEdVrriO9e1XzTC9enIlK1uvi2nkHI13oIqCtfushTjlfe8oDuVKe2oBg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 5E12 55 KB
24 KB 46ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7wtsdAAAAACYA8xDhEn1mYpDzU1GUonPIgCSf&co=aHR0cHM6Ly9wYXliaXRzLnh5ejo0NDM.&hl=en&type=image&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&badge=bottomright&cb=fkf9l7v6ypiv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 21:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 21:33:38 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 5E12 406 KB
163 KB 45ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bd34a08f83fed3ced5508056737f9594d36e0e98f0cefdde2b92fbd8ead1bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166600
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 23:06:26 GMT

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/117620/ Frame 211D 156 KB
157 KB 41ms
22ms Image
image/gif 136.243.22.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1923848?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.22.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.22.243.136.clients.your-server.de
Software: nginx /
Resource Hash: d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
x-amz-version-id: LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: 65ZEA1GYSZ791VZ7
etag: "d89cd17d5e22adfb5532615d116d84b8"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 160195
x-amz-id-2: 56Jgox5Q5NG6YPmJ2hgw2oAeRxBKbrzQ0MN5aa0wLi5Hd0PJTcBewrL7t/0LneH6dwhOd3o17to=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 211D 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 25942.png
cryptocoinsad.com/banner/ads_banner/ Frame E25B 54 KB
54 KB 19ms
19ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/25942.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=394332
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0be64c016eceb1cced69da6018305bdf12a195836222ef2459e2fddf969e632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=253147&b=394332
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 10:44:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6683
etag: "64392e78-d73a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RR8rPCv9YkbsANZfCb3gt%2B8nrRbd2hFAv74dB4hkKRPUXBL0iSok%2Bfc0JgByAhZpk4MG5kmQArcAUq8HD2pYSaGcDb5sUVeROnnoeuSEE8QH4ncZBFWBl%2BesuSmCVtBMVsrUeGrokHW2xJJb6OKnmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94afb1f00bbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55098

GET
H3 200 300x250.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame 7F29 112 KB
113 KB 20ms
19ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/300x250.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=394304
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b9cb0cf924dc9eaa38ed4cdbcef009270ca7a8d1ec26d1dea66a70a8737f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=253147&b=394304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7113
etag: "61f55959-1c051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysFQMaw%2BAT0e5oaVmsWUZIz31hwv6bnoTkHI%2BjlHFyDAYjOmeoIej34Df52MN9dJlMlROva7jUxPk7s93u%2BR%2BVGTn2Rf%2FkPaECk8CNc2%2BAXBnb1LW9Xir5kB%2F0lj1PJEEpk6T2Z3%2BAUf2QcNitNxxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94afb3f11bbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114769

GET
H3 200 468%D1%8560.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame 1A13 72 KB
72 KB 22ms
22ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/468%D1%8560.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=396381
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dec29b3b4c5ee4344221982c0ea7b3e5b672bb4c7e77f41461eb9eea591b30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=253147&b=396381
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4452
etag: "61f55959-11e22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3CuDHQ80WJcLYkFSe5T90dF097tJjs6AbzWOJd780e2Vs%2FBtlnZLNcZTdHAKFOfP0EkKoqURubHp3BJUWjkXIMMOgvVhP7Sno%2FKGpwYggpJ48%2Ff6JXHUIKUKGGRNfrUre5XhKTj1Ke9XymMcH1Xcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94afb3f1fbbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73250

GET
H3 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame E25B 3 KB
4 KB 20ms
19ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=394332
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=253147&b=394332
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6983
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F20%2BpMr730qtRStZAssiIV8J0FOyLQ3C1%2F%2BjlB%2FMyyf%2FJQRpECHpId10K6tgDrcWG86Nwmw0CoIAdQcQwfUhmrOS0qePfImLeOf2Wf8rjSTaIzG5SU2buexwZUz0ipcE9hCzvariF5%2F5RdVmiE%2BJyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94afb4f21bbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3309

GET
H3 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame 7F29 3 KB
4 KB 20ms
19ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=394304
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=253147&b=394304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6983
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMiUFohKPMM7We%2Bwx3FgL0elKXlu2O%2FjuB%2FdO50tTfN0VE%2FQW0r4Bfi87o5I3Gk6ogZaC8gyeh73vTlvz7AH%2BNt%2BIDHtpVinrzemYfQYVj1s0IAVsSMTGfE9FRQuiDQW97gTVRYMaNBzIey6IUkb2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94afb4f22bbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3309

GET
H3 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame 1A13 3 KB
4 KB 18ms
18ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=253147&b=396381
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=253147&b=396381
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6983
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggo0nVZ7JnblZR2iD4zTtkNRSivcnAQPHEj33YbJXPwf38KC7BtSl203aB4BRiP%2Ft1foqqHNZfft2nt3nvUBmWak7BvQwgRfVAWZPgC3%2F%2BMHx7HhuUO0nW0doGZo%2Bj%2BOLKgNzqrDq5KKg5jjMVHkEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94afb5f2cbbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3309

GET
DATA 200
OK truncated
/ Frame 5E12 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5E12 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5E12 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 455263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 21 Apr 2023 18:05:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E12 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 167504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5E12 102 B
134 B 23ms
23ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52b6bc2da1a35ad6706eec5961272fd563b4b06da757483fb36dd4a72716bd12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf7wtsdAAAAACYA8xDhEn1mYpDzU1GUonPIgCSf&co=aHR0cHM6Ly9wYXliaXRzLnh5ejo0NDM.&hl=en&type=image&v=6MY32oPwFCn9SUKWt8czDsDw&theme=light&size=normal&badge=bottomright&cb=fkf9l7v6ypiv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 00:32:55 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E428 7 KB
1 KB 27ms
27ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6Lf7wtsdAAAAACYA8xDhEn1mYpDzU1GUonPIgCSf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4020cedb5855a250bcf1592f7ad6f84a4619a4295dde8f7f6b6a0e08fb5e263c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BEmVZQe5XZu5puTXDNGF2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1114
content-security-policy: script-src 'report-sample' 'nonce-BEmVZQe5XZu5puTXDNGF2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 00:32:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame E428 55 KB
24 KB 13ms
13ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6Lf7wtsdAAAAACYA8xDhEn1mYpDzU1GUonPIgCSf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 21:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 21:33:38 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame E428 406 KB
163 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&k=6Lf7wtsdAAAAACYA8xDhEn1mYpDzU1GUonPIgCSf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bd34a08f83fed3ced5508056737f9594d36e0e98f0cefdde2b92fbd8ead1bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166600
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 23:06:26 GMT

GET
H2 200 US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
static.bookmsg.com/creatives/US/ 590 B
747 B 48ms
10ms Image
image/webp 94.130.197.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?mlf=1&cpa=6a45c3c3-9858-4528-be44-11595de4e1ae&mlc=1&format=default-slide-b_r-body
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.197.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.140.197.130.94.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
server: nginx/1.18.0
etag: "5fbd178c-24e"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 590

GET
H2 200 US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
static.bookmsg.com/creatives/US/ 590 B
746 B 49ms
11ms Image
image/webp 94.130.197.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.197.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.140.197.130.94.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
server: nginx/1.18.0
etag: "5fbd178c-24e"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 590

GET
H2 200 /
0b07b901e2.42de2de7b1.com/in/show/ 0
201 B 46ms
12ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0b07b901e2.42de2de7b1.com/in/show/?mid=221077794470080291&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=1968991694&sid=2846049489&cid=14623&price=0.0011390000151004643&is_cpm=0&cpm=0&ecpm=0.06086205592684107&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=1&ver=8.50.1&ver_c=&refdom=paybits.xyz&hostname=auc-inpage-hz-5-c&site_id=31330904&spot_id=330904&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1682037175&created_at=2023-04-20&is_native=2&auction_queue=0&burl=OGThVh2v2lLfXgbESZG9EFQXsChpPBVDMaZXj989N-lRMvhCz-xPFg&pop_winurl=&ip=&testab=0&px_id=53330904&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB13-7&min_cpm=0.0007073628964306613&placement_type_id=0&skin_test=0&verify_hash=9f1dddd5b33f70c6843b6004ba1f6418&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1968991694%26spot_id%3D330904%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fpaybits.xyz%252Fhome%26idzone%3D0%26sid%3D1885&ml=&tag_ab=a&original_bid=0.0011390000151004643&user_fp=7544804714893930840&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=6Unz4xFutswGoQRQlnUYYv9yYHaPP-zOUP8wO-c2eEImFYfZ5LwtljBpdChixfS1g6F2szOiJuipHMKJgx435BURItncgf9CADDfn3GTdZyBrDrGJkdDBuieBWaFicggxH5Ns4XFyyGWPEWj7aoVq7jdH3u7ldgGKsCvrYjqRwtDnswhTA&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.0010098374133880718&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&label_ids=83,89,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fpaybits.xyz%2Fhome&auction_time=1681950775&show_count=1&mlf=1&cpa=95198931-ad8d-40e2-b9ef-105521d66583&mlc=1&format=default-slide-b_r-body
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame E1FA 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

6351150b145e2t1666258187r6216.jpg.webp
i.cdnkimg.com/auto/192/q85/image/vk/5983/983/ Frame E1FA
Redirect Chain

https://s.viifogyp.com/n/435/pniesytkbfyfyatbpb7fazsmnvtqy72zbjqxq7crmzawm4ytrykdqxt3priget3mmjmvw3qemv6x4wdijngovlc2jgw2lq2hkfkeaxacrnfdckrwqk7z3exi2xbola3illq57sodkyacvwbzcnq63w6njb4u4skuki4atcci...
https://i.cdnkimg.com/auto/192/q85/image/vk/5983/983/6351150b145e2t1666258187r6216.jpg.webp

9 KB
9 KB

8ms
7ms

Image
image/webp

45.133.44.37
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/192/q85/image/vk/5983/983/6351150b145e2t1666258187r6216.jpg.webp
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H2
Server: 45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 1cec85e404e543a8d14e8bc5aca13acdace8d4de8c0d8fe090dc2e51d6139969

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 04 May 2023 00:32:55 GMT
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.23.2
x-cache-status: MISS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
content-length: 9080
x-proxy-cache: HIT

Redirect headers

location: https://i.cdnkimg.com/auto/192/q85/image/vk/5983/983/6351150b145e2t1666258187r6216.jpg.webp
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.23.2
content-length: 0

GET
H2 200 /
0b07b901e2.42de2de7b1.com/in/show/ 0
200 B 30ms
13ms Image
text/plain 2a01:4f8:252:561a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0b07b901e2.42de2de7b1.com/in/show/?mid=221077794470080291&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=1968991694&sid=2846049489&cid=2316&price=0.0033499999251216657&is_cpm=0&cpm=0&ecpm=0.014507612288342206&crid=&crtid=55142510ee760a08da44b25373e89d30&tcid=0&out_id=0&ver=8.50.1&ver_c=&refdom=paybits.xyz&hostname=auc-inpage-hz-5-c&site_id=31330904&spot_id=330904&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1682037175&created_at=2023-04-20&is_native=1&auction_queue=0&burl=YcNXhZc0NLAEMyYuEkbuuKuK0552piUCnraRh8sVwLbtIuWJWv8xgg&pop_winurl=&ip=&testab=0&px_id=73330904&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB13-7&min_cpm=7.620306213109662e-05&placement_type_id=0&skin_test=0&verify_hash=273630c60a3fdb1c132c7a4d79a50fb6&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1968991694%26spot_id%3D330904%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fpaybits.xyz%252Fhome%26idzone%3D0%26sid%3D1885&ml=&tag_ab=a&original_bid=0.0033499999251216657&user_fp=7544804714893930840&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=Ha8MDcJR-hfHoyiUiTmy1NK6SytGei93wuTyD1uJmMOvzCOHeMMBtDbJGYQ1KfQDBr7k0rIqBMVRMc2FvL80sIE_7e1TAAiU9c_IvRQVfTQAzd7VH4Vsx6zOwDJxPlMc8gMWU8l0MEti8aFrkttusak90_BFGR7WBEMy6K52pe5v8OAv_wud7490E9AtHpSYhjor9pBvW-lhoejTMQa6NPHw6en9m7OtGAxHsx6p7vX8wYHLuE_Pp9iqWix4M8MFid-ersXV5r-8qpw5dfJcRttl5Q4O7EFbHBOIrzGCorObHUY6PMrxHJ4UTsRd8Cyln0kc6bvObG34j_RhdSmpU33vUoKxDQcds8dsKEhbD0MN9njKv7nynxg4xS_2orK7ckpD9cvs9Ns2TEgrtDckQnDnaZGQ9GxRzlyzk6_QAi8Nnuhc0EwLdoLRkaYt0D_qqXimEHWZ7pTs-U2pymMAmd5J0qi07-yhrBzpVVRbAi_z8KPqicAJ1n7aQO5jP3Vyi_ICpA-8C91danItzthrrPYFaPZEUUnZ3ehO-SUyXY_L82w-pCZeJIhQMjf2LfQXFeqsCJJ7RwMJdIok4h6-id4LCpaCxcbqJ4nmvaWBAuKvJTg5YSycVB2qgJV7gdsClfaXbYEgvgC8BIz4ocARH_BAFft35TKJQ5LOtGdUTDbwZ0Jxkri89uy048XgfSlnTWghV5p2zFV8YszfQZTKU9uXq8vV_iKT8oQSZMcrHHI3hMB2tmDLl-c-fLrW2PKORuWyCYb17RKrbe7wk8HKhDwFy5rvaHEUXwaYPAkFH7CvvEyTqkI0CoedEl_v0VK3vcUA0Y_qWeZoyAMNr9RnG5b4-7AybRvHU85D05YP7LtzFPE2OorLOUOgs-DrzZja2o1gW5lfjNU5AhFVEZej111_P57EokzOEdL9TlY4Sm2nnLelCjovaEq3e_qkVQVGa4oMpGECh8HGyJltBz5PazIeLAue5hfFQLlHOHrv3l1pq1zk1Z5HDHUp3PjLys7NjeNV6PZmy8uKmjviFXXfFHryG2YN0GaiPdApGblveT5hM33oQE2zvao1VUk_wIHGdiMBYTRtDkA_SuuYD7n3oRkuDfvq_Pgyfg2QzKCLa3etfP6RaBj-uPyl_oKufcyXM19M7U3sou5B9m6dc9dE8RHBrqAe7bPHsEpy8CJsJxvHOolcFXH1H1o&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F5983%2F983%2Frect_6351150b145e2t1666258187r6216.jpg.webp&skin_id=2&vertical_id=5&real_bid=0.0022344499500561513&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&label_ids=5,83,90&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fpaybits.xyz%2Fhome&auction_time=1681950775&show_count=1&cpa=63e0dd19-caba-4a42-9c17-baf97dbb0d5e&format=default-slide-b_r-body
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E1FA 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rect_6351150b145e2t1666258187r6216.jpg.webp
i.cdnkimg.com/auto/492x328/q85/image/vk/5983/983/ Frame E1FA 16 KB
16 KB 36ms
6ms Image
image/webp 45.133.44.37
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/492x328/q85/image/vk/5983/983/rect_6351150b145e2t1666258187r6216.jpg.webp
Requested by: Host: paybits.xyz
URL: https://paybits.xyz/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: 3151c6914dfaa08ce8ed67e524c8a98bb327044d71de484a1713ef4a319d99ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Thu, 04 May 2023 00:32:55 GMT
date: Thu, 20 Apr 2023 00:32:55 GMT
server: nginx/1.23.2
x-cache-status: MISS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
content-length: 16488
x-proxy-cache: HIT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 63ms
62ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230417&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6366f464885ecf92d1de07c3ee1265257f589a80db5e9a89c06d81e966c0ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11342
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 78ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 00:32:56 GMT

GET
H3 200 show_slider.php Show response
cryptocoinsad.com/ads/ Frame D101 2 KB
1 KB 138ms
137ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show_slider.php?a=paybits.xyz
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/js/slider.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: 5a5b733dbc8b52f58b34f0c2caa59d6340080934889299016ba33d6adfeb694f

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ba94afeb93fbbf7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 00:32:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRphJ03kfqJncFZs3JU3YPlchbeXqdCcOjnj%2FuzCFLUiRgV9cF%2F2jQs3B7wg7jW2bSiNkFx2Pm3D8e%2FPe9VvgQTihDQrtKc44yChtaamp9l%2BU93NC3%2Fb%2Bft36vp58GjkQbE9wfzceocGe6%2FFChYY7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H3 200 close.png
cryptocoinsad.com/ads/js/ 2 KB
2 KB 15ms
15ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/js/close.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 447ae14eab2a2bfc14aeaf412f240b11f911a153c8035ca18cf28377d0c1ebcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:56 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2837
etag: "61f52b0b-6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66DluKEv7FQj%2FITSr1h%2Bw3vwskFws4JkTZ%2FjDRonc8p5DddXLtfqLW5KkbnzybNvJknfSeQKimoxwDRdfQIfB2JUYp%2FQ9iqRa2tMxcNf3LH9Ase1vVemmk3fuIk14GSIgsGYElx3ErYieuDMexVZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94afeb940bbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1776

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 015F 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 18:52:59 GMT
expires: Thu, 18 Apr 2024 18:52:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9DA2 783 B
534 B 27ms
27ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b349427f71bbff635c551b8dd15c3e09865ffee793bb9a340f9898bde3c6745

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aPFgnjioiY6CbU4asj91Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-aPFgnjioiY6CbU4asj91Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 00:32:56 GMT
expires: Thu, 20 Apr 2023 00:32:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9DA2 0
0 48ms
48ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230417&jk=1010255634599963&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 015F 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 08:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 08:50:08 GMT

GET
H3 200 300x250.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame D101 112 KB
113 KB 29ms
29ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/300x250.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show_slider.php?a=paybits.xyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b9cb0cf924dc9eaa38ed4cdbcef009270ca7a8d1ec26d1dea66a70a8737f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show_slider.php?a=paybits.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:56 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7114
etag: "61f55959-1c051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFjM1C6Ra77qwjKAIFdps1g52BVBJ023aCbyQVoc3U1a3rp3YpJY7GV%2FO3Sh%2Fpm4FYjLQt9VVXWlMQ%2F6Gfgab5Si73hvW5Mi3kTYf%2BCmuwVjOEHL0QJWlCT76LEFxZwC%2FbAi4jcXdiqb9aDjBVsHhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94affba80bbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114769

GET
H3 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame D101 3 KB
4 KB 14ms
14ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show_slider.php?a=paybits.xyz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show_slider.php?a=paybits.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:56 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6984
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhwvZB1JZPWIGTdRRr8jkqImPVonpo1sWiYO6a5gb9aSi6MwKaG2EXiZFH0skN%2BDQhTM0QUeLtCrRB8VCIfdsxhQGHIzziXAi4fzfVieNOsVW%2FRXjp2dK%2BL%2F%2FEV4AHk0QpV6Jxv09qG3s7KbQPM6qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7ba94affba81bbf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3309

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 015F 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?06Ufcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:32:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230417&jk=1010255634599963&bg=!ysmlyZ3NAAZA7GLoYOw7ADkAdvg8WlhIwEVEnreSiv2p0vCdDl8Zepodx1iD5dSZ5gc_z5QL91UH-w_xE4ByW58mJbbWEbNGkOQCAAAA9VIAAAACaAEHmQLF8JggebYfcbFTnGxhTDO2-MgqPprDa0J1KY9z2tY1wCdyR4UnmhX81XyDyWiEWgyou4ixDIPYt10ywyEMy5dirgTm9_dnxLVQYLTEjG_030657xFhO_XiCCtJS4_CIKuLnCnYct_53-E3mt8hUK5fAp_UlgnxF0L4P9acxqLeqyobOZSFztjvHTGhneqC8qEOWCT9MIzt6Oq_Kyp7xq0Utd9bjK7ICIpBsQJj7_60ijtRLTu_PAsdK0PIDkAog_VxlOTpnXjHlz-imqAjjZufgLIwliA5tBQdRgxXLFELrsJ6NP0p3jlGfFaj6hc8cq1egZ-1YKGsiOeHak61NsGOyQJkVWudYgYuDqLP82UbbPvv8TlkTu-aCsonYq8UIGiyjZyV35a_Wfi89O4e_8QL8QDLpsi6m0yKa8S8DcGeP5OCoKVgGQyr-P6LkO9NjmUJOQ0k_5yIsV19Lgsy3S9xZvX4EmUgDzNBljocd-sc9LEKZHviB0_V4c5F6OcuYeN-sPP7DqGYs8x6XhAz8qBroSBaj9APmoEhkMTIKmbksvmsjnH8GSawhd6NXlB1QiyW6bLsB7XrEB5b64lpXjhZCTeNLbQ-tf9dF41eqUviQvq-TnSAbIbi8TLYhG5F4anM_zwagNDTFEye8ZJNrjtpVFa-A0uAr0n902GRwMJzeu7vtayvw446bhS--NjihxDtd_M5jRsE9hFr35hh5jwGoMz6CpWpi7uqmZ7ejPKJvYYw-qOV1y49tDSlRHPuR41raIANblhtOJmaFaBcNlFlURxHLYkTMhNiOL9XYdixJoUDyQAcmNCVEBpEpFyvb-42kTjWfKz5hHyqOdPDKl0xycJQ50gAsMCIufOAXB08ESArXC1yIr7LSv01ZxxV1GEmwx-Oga8R-JycbKV3KpHKrAEqR2P2__yZlzok1Vg8DiiddTfGkA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paybits.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DQ4LF88TWF&gtm=45je34c0&_p=444827760&cid=424828537.1681950774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1681950774&sct=1&seg=0&dl=https%3A%2F%2Fpaybits.xyz%2F&dt=Paybits%20-%20Cryptocurrency%20faucet&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQ4LF88TWF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 00:32:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paybits.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
33 B 46ms
46ms XHR
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23656646db8f24%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&container_width=4000&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&event_name=chat_plugin_sdk_dialog_iframe_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950783161&sdk=joey&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: L2RUqLrFjBD+IFJDJOooSA1PAzzn1zVxwRzuY0aRCvBTty91+YtMBTfHCvTEg++3jNbiEYo1T24G+6jsx+ZBcw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://paybits.xyz
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 customerchat.php Show response
www.facebook.com/v16.0/plugins/ Frame E9F6 97 KB
31 KB 151ms
141ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23656646db8f24%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&container_width=4000&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&is_loaded_by_facade=true&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950783161&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f9c5ffd8660095ded860691a76f876188077c337bd274f73470d6255f56db6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://paybits.xyz; default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors https://paybits.xyz; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: /k3PgD/MSR1M9XLKusM8jnDrNdLa+zXR+sC6a6AYTc/TxlZJ8NB+ALBxIdTmIVRZR69d7YZSzfu7a1YJk+E3gg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 x2Iq23ZR2Vd.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame E9F6 19 KB
5 KB 28ms
9ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/x2Iq23ZR2Vd.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23656646db8f24%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&container_width=4000&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&is_loaded_by_facade=true&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950783161&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8043c183e8d6ea8373ffef620de93216ec7655a9047ee5346c3852df3eedad22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TIrl0BC2xnR7MoPkI/ToVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4911
x-fb-rlafr: 0
x-fb-debug: VZxR1aoKoAJeroxcYqXlCDxu/RknblGfCGWqSRR32xzXkzLjeuNzYLuLu8mjR3LYFr0nveN4JtRGW2YBW0yV3A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Apr 2024 18:04:09 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame E9F6 2 KB
1 KB 29ms
10ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: 18XrSabnkXwL8QLqFNbOQoMxh42rU4mIz603G9LeLPkrRKKaCDCPTrG1UaKmMyiPH7M7R1JjTZdSSE++FNHJlA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 03:48:51 GMT

GET
H2 200 Lg_9LIv3_13.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame E9F6 304 KB
80 KB 29ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46f50f887596a1e4631662913dc500cd54339f512b413894f38972eff36082af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tpQnI/ArsxXImeleZMcX+g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81721
x-fb-rlafr: 0
x-fb-debug: kosnKNZKyx0JtG1VNkAEX8pmDbVL26Lnhx7T7CKrgf3j5zw11PrNTkG5TXkjxP2luzTvxyX31QR4/MuLhEPBfw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Apr 2024 21:45:57 GMT

GET
H2 200 r4a3QRhOoun.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame E9F6 5 KB
2 KB 29ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/r4a3QRhOoun.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9e69e15d6ef8ea1c7a0590b19efa29323f4ba40f3af0bcfc665f1c35ca50c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7Z5vEhjBpZ5QNJQY63PI5A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1755
x-fb-rlafr: 0
x-fb-debug: Ad35hoDCrZkx7Yb5fGeEUhXGaB5DLhc/3+mOByu89EGeASyrBY7qvozEBngw7TJpwpHYJJqjMpgl0/ri9sKCfA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 16 Apr 2024 19:01:20 GMT

GET
H2 200 TXms_HrZwKP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame E9F6 57 KB
18 KB 29ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/TXms_HrZwKP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30a288f4b8350f8121ceab4313aa78320d3a313c7425136323191ced5b6a0b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5xeNXxWs1OEER8b29ktDpw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17978
x-fb-rlafr: 0
x-fb-debug: A1fnrIaD77GfiM1rKQ+HfCHLULMsR9w967wW690TMbbdSBseMpbQhjZRkDOupAYAFLFjZwqsYUsmuP7if8/8sA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:14:32 GMT

GET
H2 200 q55PMpzZgkW.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame E9F6 55 KB
17 KB 47ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/q55PMpzZgkW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f7cf499374cfb2383a6986a2195b4167801dc98421d3fecfb4a86fdd08734a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4bPG9qP7lYdgXiSXb3qODg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17489
x-fb-rlafr: 0
x-fb-debug: ErIeC20UJcPtfm1bN0kxhY+NfSUy5jZXvfwp86N2hFXjZqbqn5Tsfku27hDIztB0j+PCpFQheqOI8CnU3QlBSw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Apr 2024 00:33:03 GMT

GET
H2 200 3O0sDw2xUF8.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame E9F6 36 KB
12 KB 47ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/3O0sDw2xUF8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaaa0ff9b82c2abeb10c02ef85dfff78f566fd82ee938963327548dc9515856f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LmMtotblgK6uQNMHaWD2jw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11971
x-fb-rlafr: 0
x-fb-debug: t/F4sXuN8Jh8n0jRAOYxOIQFWQC/5GP9pmeqvgKg/+Ka2KqVFfJgFgNHQiPqYqZxIn6WinHuv4HJWTEEB92OhQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 03:48:55 GMT

GET
H2 200 X-pSDUbolCc.js Show response
static.xx.fbcdn.net/rsrc.php/v3iYjL4/y7/l/en_US/ Frame E9F6 902 KB
145 KB 47ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iYjL4/y7/l/en_US/X-pSDUbolCc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da92933dd66491210befa7eb1cad80303c69cf9493e495f67b1903895c949ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wWreAI+i7VEQw3Itn93btg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 148126
x-fb-rlafr: 0
x-fb-debug: tVff6/RT0xHp8yvZhFw7xzZ77Pqzg8sXKXuo5mHq3DAdWA4UEg1+fYT5WgltZdgeeORbynga2Nwi/bRfykWDuA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:23:45 GMT

GET
H2 200 W6KJdIJLkRh.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yz/l/en_US/ Frame E9F6 76 KB
22 KB 15ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yz/l/en_US/W6KJdIJLkRh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d117928846582406e242699366dd95dac705111b5f703bb46d674548dfbd279

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A5E9FDS7olF6m7So7uQ6fQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22461
x-fb-rlafr: 0
x-fb-debug: hVNTN7073fgCW9sf1HiI5TmxMWrdn6Ee1jFzLJS9X5Dsa2sTKSMKS0s4GbAvxBRx/ZNrnuyjWwYNQauZ83B6Lg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 17 Apr 2024 18:53:01 GMT

GET
H2 200 mqEeB3y79as.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame E9F6 34 KB
11 KB 14ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/mqEeB3y79as.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9287b5f3056090976408079dd7788ef61d548ada148172764c1548f00037a3b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3SHXfXYFdFhPS5WBn5rm2g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11301
x-fb-rlafr: 0
x-fb-debug: 5yLwuKikDNPFvZUKk9/mOCt0mZiacb10Ckt1Jq4ocMKzScKsHq30c1HT8A3cwq3o2N7h0hhCmYL2Sc/o89JbGQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 16 Apr 2024 19:01:20 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame E9F6 507 B
485 B 14ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: FLsvEIGgE7ETCT55dwmW07up0dOGIwIgZE0wd9SP5ldL1wPVjJSYxY2t4HAz4FIb6NhGM1kUtjsbkYw4g6T6iA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 03:48:57 GMT

GET
H2 200 RA7i2ehz0Vd.js Show response
static.xx.fbcdn.net/rsrc.php/v3il5S4/yF/l/en_US/ Frame E9F6 437 KB
104 KB 18ms
14ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3il5S4/yF/l/en_US/RA7i2ehz0Vd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0509b21e65eadd03ae4a70523e109f31adc49e3ca5394a080ddf04b8017384c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: K1JSPYfertaNzMBnfKAT9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 106278
x-fb-rlafr: 0
x-fb-debug: /yDQPAwiHcBKFBfkvGOZNZeiQPAs/YC2O6mLief0IYNJ+Y/cwHHMOY++kwINQP9GuL+K9dCYHxcLVSJg8aoNZg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Apr 2024 18:04:18 GMT

GET
H2 200 G_cSoAztzdC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame E9F6 27 KB
7 KB 14ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/G_cSoAztzdC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f971cb967dcad04a8841f828a2de1be5c99abec685ce5dadb449b5e36c217dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MzBmMfp4vjooX85fINNmZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7322
x-fb-rlafr: 0
x-fb-debug: 9LTmRivWSfeXFaC0+Pz3DpJZbxQFAJupxXa2vGZ0Wxr7XwRul752gcs2mHzIXLlRf7ffYWG5faaPMZdGgftwVw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 20:21:00 GMT

GET
H2 200 jRPj-Zuu7BV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame E9F6 17 KB
6 KB 15ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/jRPj-Zuu7BV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1886373b1a0ae479e6d2f6fc0b9d84228dc17feca62e069aa2074393531a16a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QjiVD6TFir4rFGRFxH2p7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5961
x-fb-rlafr: 0
x-fb-debug: 6bLIeWNGMmk4QeAWGnICKa/k/eXYnzyQREJ6CUhIFVcpf13R/5vrg31nWO8RjPbVC8XJP5NYX3Bwm/EYb8ZHxQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Apr 2024 20:02:46 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame E9F6 55 KB
15 KB 24ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: ccsSr5oBGNzaDp1Nf7Rn3tL+/KfUFiCKV3A1Tj7+63ge/UacSV0lFPBLd4sWvJUGV4/tFQy01Dv1CYa5Cfyp4w==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 03:49:02 GMT

GET
H2 200 Mx73slMhfF2.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEBX4/y9/l/en_US/ Frame E9F6 53 KB
16 KB 25ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/y9/l/en_US/Mx73slMhfF2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1b61a608f0ccf9c5629df73b1c59d8227b02796f62501e9a932953e76459368b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wTjjb2kDx9dszIAkwRvZcQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16261
x-fb-rlafr: 0
x-fb-debug: jTZEEcAdeG3aexZvtFX9oquzCJ56yWZVriQLRo6/NDLIlJUS2hR3PudKAr4zbFr+GxhLTSS+7SO3wPdfJm4zSA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:23:45 GMT

GET
H2 200 6c4xucucgO9.js Show response
static.xx.fbcdn.net/rsrc.php/v3i59j4/yJ/l/en_US/ Frame E9F6 410 KB
96 KB 26ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i59j4/yJ/l/en_US/6c4xucucgO9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e792001c1f9e88775b90e286737f006bc320f24d54052e311c2fba976f244ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wBZ6hUssEtT9ZN09VB8eEA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98566
x-fb-rlafr: 0
x-fb-debug: B862G0bRBBEq7g1ljhRjNVqbVYNpbsCBn0/po8RyRCiqFgXuZS+y+duxPCWAYEupw8p+GdGdhBBOgOntJWJrag==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 20:15:53 GMT

GET
H2 200 wFDi4gNQG6i.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame E9F6 335 KB
73 KB 26ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/wFDi4gNQG6i.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1519f65f0646c7ec878163cb3a7034c6db155f9243ae1208e3b3ad3bbd5ad503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +o34IKUMS7CgN5ozA9WUtw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74026
x-fb-rlafr: 0
x-fb-debug: BV5KfQ9r2n8x4NMG/E7Uh9sKPYCV5hnG9lG98oyr/p0bMIhZPPJ5n+0qRmX19mv67Lh9O0EvXew7XxjfKADq/Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:49:31 GMT

GET
H2 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame E9F6 840 B
548 B 26ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: mswmHgc0lh9/13Am54zJyyjiKZMXdldnEhOCEy6Nn8Souuq2ATRRqEcLMMdPV/coa6Yc4R3oN2il19lS1jhhNw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 03:48:56 GMT

GET
H2 200 a_j0oEz7gHa.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame E9F6 29 KB
9 KB 31ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/a_j0oEz7gHa.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4eddbf4efafbd36f283862ec31bbafc699fbca5449e16b8dc1f8931ef55c0a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wVRcfyY9t/l48PzOI2tZGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9249
x-fb-rlafr: 0
x-fb-debug: TvBqFNI9HQiOdaLE02Eg3DYuG7uCK8TCa8iVyvqUf5SnbE1tWpQ5FzcMaom7qpKfUOS7gwBt7SpUYv2eIxICsg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:23:00 GMT

GET
H2 200 VRzSVH5iU-V.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame E9F6 8 KB
2 KB 26ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/VRzSVH5iU-V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fee4951824a7d0af1a5e35c0464869ca21e1f39f5a56dbafd420f43e225b6f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wqbeqEldNFSkr+lfuxaxYw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2038
x-fb-rlafr: 0
x-fb-debug: uSWaBdbAuhCdGtDaXhapli7VsGu0n4ogMJ2cJTbC5cIGp+HMHRLaCT82lwsm+w0xz4hw6OWoOqfzybDxu7u14A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 19:34:54 GMT

GET
H2 200 B9rXIRDHKqp.js Show response
static.xx.fbcdn.net/rsrc.php/v3iJ0v4/yL/l/en_US/ Frame E9F6 81 KB
16 KB 32ms
29ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iJ0v4/yL/l/en_US/B9rXIRDHKqp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6c42c88c9d79776fb1d5618404bceb629242311f8868c1caceafdf530be56f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3HlqyDmM7/hH2D2f46uR+Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15990
x-fb-rlafr: 0
x-fb-debug: aTPQaOnmoPHnbL+FUVVIayT7hd8waIv+OL8WNbf2Q1JQNlx5F46iBWn6nEiG4tYt+bPIYBBRcw4wpHclgHTZGw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 23:24:03 GMT

GET
H2 200 lYejkzyV906.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame E9F6 723 B
580 B 31ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/lYejkzyV906.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: naOE1m8tmTZ0fVAYNsTRiA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 387
x-fb-rlafr: 0
x-fb-debug: tTWTvSiuphMJH311xLWdozxp1XnKtjvZr3SOU6urF+kjfe8Pty2tpoaNaXi/z6jBOIalEG+TO1wAUjgIZ+yCCA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 03:48:50 GMT

GET
H2 200 UCbKgtEtu7r.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/y0/l/en_US/ Frame E9F6 206 KB
59 KB 31ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/y0/l/en_US/UCbKgtEtu7r.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d356266cbf28b090f7fa6ee9c515390bec1aa129686a1efe76d076690d4af611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: liTOG76UPKsMvH+tXJ+ruA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60087
x-fb-rlafr: 0
x-fb-debug: v2xY68pG23g3k0qf2KaydAx/q6thhl8YqUUbLrmbx3CLcnaE9MyIDNJts6gmmOBSKbGHDJrOJMReZDcHHGXAfw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 05:52:05 GMT

GET
H2 200 LMGIKOb1UvT.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame E9F6 8 KB
3 KB 31ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/LMGIKOb1UvT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a80dc68c72ce0418c5568bda626571bb82928350a469c3fae760a9b69df1157

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lVWVmy3rzJwaMSH+NOMHMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2656
x-fb-rlafr: 0
x-fb-debug: hcv8Q6JiT5bUAjcG/r3sKC+k5OMXRPER2FVcYwbns2ytktKAon1qSpTGQX4pX5advmiPGWuEhqOAbmfG+dxxIw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 19:36:50 GMT

GET
H2 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame E9F6 2 KB
980 B 31ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TLChQoDhUYzpJFadDZTs1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 782
x-fb-rlafr: 0
x-fb-debug: 3cGlvA+eKSNjvxe9Cz7tlB91Ol+Fuw8hXsu92XEJbu/H4l8A0+xGAWxB7QSdIfKd342D9pskFWn2RhDb10+vDg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 03:48:59 GMT

GET
H2 200 Adhkn1JdEDC.js Show response
static.xx.fbcdn.net/rsrc.php/v3iv4Y4/yQ/l/en_US/ Frame E9F6 470 KB
81 KB 37ms
34ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iv4Y4/yQ/l/en_US/Adhkn1JdEDC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bce716bda4f8fdc0a9598dbbd72e2f51b8a52ba10065b15c042bad9581629113

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xJ6/I3y/moHId7ysUqMiyg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83099
x-fb-rlafr: 0
x-fb-debug: FR6C4TQ3Tek4zbKpDuSnzW02SItVGekyU9DR/vTNoHN/SZmne4jVagfWafvpQEInFj5oI6gDOUcRPKuGzSLthA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Apr 2024 00:44:33 GMT

GET
H2 200 gjvrnjiEjq0.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame E9F6 59 KB
13 KB 31ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/gjvrnjiEjq0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f6f8938b17bc251aac605680661f7fb02f90d89eac64cc10175e7231a3a6431

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FtK+vQE4ZpfcHSXhikbXuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13169
x-fb-rlafr: 0
x-fb-debug: w9014PGLZlKbRHac/BpP2Vx3sT0QwL4mjwOH0456O2tE2VgnnKS95jJHdX7dAKadFGg3Ng/xqUJE+HCHFDOn8w==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 23:14:26 GMT

GET
H2 200 5-CNhD1hzUM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame E9F6 428 B
480 B 31ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/5-CNhD1hzUM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c56420aa6e76f95c2fb963542860396f5e291e6ddc7f567eb804c728c95264df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HPVWKQMGihjWtna7Mz5uZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 281
x-fb-rlafr: 0
x-fb-debug: OS4qrrE2sLiRxU5bfTEUrdakTFcmBbMk7vyMG2R1dU6co26r8IlQgMJEJFeX6jHsmqBfhfgk5yCaQyU3AL77ow==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 18:53:34 GMT

GET
H2 200 HDiX03ZTkcn.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame E9F6 119 B
308 B 23ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/HDiX03ZTkcn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

026a93aa9eb9fb7408da6d1c479478fdc224197deea3d94405b72bdb8977c8c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
x-content-type-options: nosniff
content-md5: LHjvarTpCC23Uc+GxQC+AQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 119
x-fb-rlafr: 0
x-fb-debug: Uh6OazbEX983hcSJS6W0GtkrsA6y3ZwiuZ4bko88+XHsr503YcmOR0suMN64olrknsOrK37y9BKo5MJw/eSj0A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 23:11:33 GMT

GET
H2 200 Q-AZnnCI92F.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame E9F6 43 KB
8 KB 11ms
8ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/Q-AZnnCI92F.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

10c1446372d57001bd0b5bf971bce85d61a6291f44008adfe91f4bf21c7fcd84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sjL/MQ+Di61viiEdMMZxbQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8455
x-fb-rlafr: 0
x-fb-debug: Z7UHhNWh+ktGrMjrgc2NmvQBM1y4W6SSza5W95RLH5/JtArYebFkKaiL2mUn0JpnoeeZ8q0dNoXI9hHLS73xUg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 19:36:50 GMT

GET
H2 200 -CMTlMwVgKQ.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame E9F6 19 KB
4 KB 13ms
10ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/-CMTlMwVgKQ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3e3d168d0f2ef0d1a167b1bfdc41e5aba06ec3769d95f110071b41ebc508e84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: I2I7PYEhA3MtihIdM6oiNA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4355
x-fb-rlafr: 0
x-fb-debug: zdDYTvb1sXC8Rh73IvFXppW53l5V4ATn17qiuSZiE/9Bt4Dx+Iv8N/8D90eKDJCuEFkfoJ/x9aJtCYrAawQdvQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 23:22:56 GMT

GET
H2 200 NK2mps8ezPf.css
static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/ Frame E9F6 512 KB
131 KB 18ms
16ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/NK2mps8ezPf.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0790bbbc8460ebf0668ff0192b6ecf0c0f6bed7aedf59cbbbed49bf54499f2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4/iORxtFK4SRtLbquIRqzA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133554
x-fb-rlafr: 0
x-fb-debug: 8g5xiUXR71tJf3vjdPE4mIXBvdN0rFONi4IaEkuRNAtXXAbkGrKOCCOqu7iVn31bVYnKYlilhDke4CoM+oetOQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Apr 2024 20:05:49 GMT

GET
H2 200 2wBOEq0bDFz.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame E9F6 2 KB
1 KB 11ms
9ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/2wBOEq0bDFz.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Lg_9LIv3_13.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c7023886fc9a43b078d04a6f02e3b379d2ecd4eb9e217389ce2a3aa013bd3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: m573IFU+7ri3gEZzQVGQgg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 852
x-fb-rlafr: 0
x-fb-debug: 0tfkRj4JTDl/7oFEdWLl+e7LL6d0UDdnqzorjU4/Zei2SlABeqgGHtFzqiGqtL24gR27vifkdxiT1kxcPG/Qog==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 22:33:30 GMT

POST
H3 200 / Show response
www.facebook.com/plugins/chat/tab_impression_logging/ Frame E9F6 113 B
134 B 39ms
39ms XHR
application/x-javascript 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/chat/tab_impression_logging/?page_id=106982865257240&event_name=tab_impression&request_id=a468e735-3edc-4300-a833-3efbf0397586&plugin_interface=desktop&user_is_logged_in=false&tab_name=welcome_page_with_guest_option&loading_time=37&button_names[0]=chat_in_messenger&button_names[1]=continue_as_guest&debug_data=%7B%22fromTime%22%3A1681950783576.3%2C%22now%22%3A1681950783613.5%2C%22loadingTime%22%3A37%2C%22clientLoadingTime%22%3Anull%2C%22hasStorageAccess%22%3Atrue%2C%22screenSize%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22size%22%3A%221600x1200%22%7D%7D&event_timestamp=1681950783614&is_new_welcome_view=true

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yz/l/en_US/W6KJdIJLkRh.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

51fbdb907b2cb9a66aec46c76a67db63543831bb18a400436382c227368327cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: FDKoAy4XiEKgV29bVeLmyB
Referer: https://www.facebook.com/welcome
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: kTlPmSQD50PFvG+sAxiMPpcyMvZv7np/Cz9uogWPO7SxO8bjdQJmJGHHcwg97RL6YBpa/YYTfgyE7uMpttPd9g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 274529708_106987571923436_5478948142509737568_n.jpg
scontent-fra3-1.xx.fbcdn.net/v/t39.30808-1/ Frame E9F6 2 KB
2 KB 42ms
8ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.xx.fbcdn.net/v/t39.30808-1/274529708_106987571923436_5478948142509737568_n.jpg?stp=cp0_dst-jpg_p80x80&_nc_cat=101&ccb=1-7&_nc_sid=05dcb7&_nc_ohc=mL1fJ_7QP4QAX9ck9Jg&_nc_ht=scontent-fra3-1.xx&edm=AO7Os1cEAAAA&oh=00_AfDXz5WJxfvS2CsB8wPasVFeBVK2EAO9my8N5_LWuogCtg&oe=6445373D
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 63c42d80bf7d0ce2108a7b9bb224b896384616fb3509f0edc71a09e6da245eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 22 Feb 2022 06:03:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2591900300
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4271382609
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2180

GET
H3 200 sL3ByF854x9.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame E9F6 4 KB
4 KB 18ms
8ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/sL3ByF854x9.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/NK2mps8ezPf.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1b6960b9d05afbae8067fa10f2ea035b4d8d1fdf198b2a599520a5c5b104850a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yI/l/0,cross/NK2mps8ezPf.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
x-content-type-options: nosniff
content-md5: qTa6/L7wPqSYnG9sMKPwDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3888
x-fb-rlafr: 0
x-fb-debug: eLbunv2JzLoisNwlhE/dmHVcpdTmohstovsxphZeq4PzUzqkCDafJCdrae08/qaMB83B3N3eDNM5ATTXm/HRAQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Apr 2024 23:15:49 GMT

GET
H3 200 bubble Show response
www.facebook.com/v16.0/plugins/customer_chat/ Frame 1248 22 KB
9 KB 54ms
53ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e099547eb924999e5c7caeb7a0531406a776909d80071ca15fd83b7511c056c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: G3lp+0EVG8JZZd5wpLQ4t6pGWDUIXYfNmOaJLCwXJXY6CBlWZ6irAzA6LCjFX3Ius2yZ9SbUdjsrmipZWKf8sg==
x-fb-rlafr: 0
x-xss-protection: 0

GET bubble
www.facebook.com/v16.0/plugins/customer_chat/ Frame BAB7 0
0

GET
H3 200 bubble Show response
www.facebook.com/v16.0/plugins/customer_chat/ Frame 599E 22 KB
9 KB 55ms
55ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3c9f9c92039f59a8b91ff2294bf8cf30742e0e865e595b702cca863768f802d

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: W284twUFgBmIJjmfoVqtlcS4LuwwT3Efl6YdlZi0iTu6AcGDoHdLazLLTFy6nGM0CSNh8CzhX8/3eOxj10w52Q==
x-fb-rlafr: 0
x-xss-protection: 0

GET bubble
www.facebook.com/v16.0/plugins/customer_chat/ Frame 12C3 0
0

GET
H3 200 bubble Show response
www.facebook.com/v16.0/plugins/customer_chat/ Frame 0C3E 22 KB
9 KB 54ms
54ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5cb5062c5bdce5a616853d7603104c267ea489642114ce3af8d06a81a28153c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: tyU8wwv927F3E6j7ih+v2/1f7b4NYNa80rmn1atIDBT/EW6WWPGywghHoYXETkjiv19E19TGT4xBtN/EjrRWHA==
x-fb-rlafr: 0
x-xss-protection: 0

GET bubble
www.facebook.com/v16.0/plugins/customer_chat/ Frame 6538 0
0

GET
H3 200 bubble Show response
www.facebook.com/v16.0/plugins/customer_chat/ Frame 0008 22 KB
9 KB 52ms
52ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9dde022b2b27800dfa24aef04c11e42302ea0e2bfa706d6884a3caef1ff69aa

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v16.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: i+WXiaBj9o3kOFLhvlqExFh3IdyMYH9K2u8zYsEgfyqq33jo4H6gvuQZ4glNrsNwvnG82C+n2P+45mB7Yo9t6A==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
26 B 48ms
47ms XHR
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23656646db8f24%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&container_width=4000&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&event_name=chat_plugin_sdk_dialog_iframe_load&is_loaded_by_facade=true&loading_time=588&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950783749&sdk=joey&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: iE5QGbxc6A/Geve3ZmeRkuUcZugcFU4HczotnOEszsw6Dz+WzEcAcVAj1jfyopI69lzNxBcsCJkFzUTVa3RoHA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://paybits.xyz
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 PdmSYZJtPe0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/ Frame 1248 512 KB
133 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/PdmSYZJtPe0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3241b4888eed555d3a84793f6ec7d64d6b2812968aac81c4ac1953cecef533bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1yNN05CAjkJ3s7DkJdiRyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 135810
x-fb-rlafr: 0
x-fb-debug: j6chS2g4kINRz89/wMTNAnCFTXYRfuZbgBS8qROXvIxm4YPTG7y8RTN4q+DKTdWAPcXVNv0wUx0B1Awr5nZsMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 18 Apr 2024 22:06:08 GMT

GET
H3 200 PdmSYZJtPe0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/ Frame 599E 512 KB
133 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/PdmSYZJtPe0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3241b4888eed555d3a84793f6ec7d64d6b2812968aac81c4ac1953cecef533bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1yNN05CAjkJ3s7DkJdiRyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 135810
x-fb-rlafr: 0
x-fb-debug: j6chS2g4kINRz89/wMTNAnCFTXYRfuZbgBS8qROXvIxm4YPTG7y8RTN4q+DKTdWAPcXVNv0wUx0B1Awr5nZsMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 18 Apr 2024 22:06:08 GMT

GET
H3 200 PdmSYZJtPe0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/ Frame 0C3E 512 KB
133 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/PdmSYZJtPe0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3241b4888eed555d3a84793f6ec7d64d6b2812968aac81c4ac1953cecef533bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1yNN05CAjkJ3s7DkJdiRyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 135810
x-fb-rlafr: 0
x-fb-debug: j6chS2g4kINRz89/wMTNAnCFTXYRfuZbgBS8qROXvIxm4YPTG7y8RTN4q+DKTdWAPcXVNv0wUx0B1Awr5nZsMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 18 Apr 2024 22:06:08 GMT

GET
H3 200 PdmSYZJtPe0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/ Frame 0008 512 KB
133 KB 13ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y3/l/de_DE/PdmSYZJtPe0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3241b4888eed555d3a84793f6ec7d64d6b2812968aac81c4ac1953cecef533bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1yNN05CAjkJ3s7DkJdiRyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 135810
x-fb-rlafr: 0
x-fb-debug: j6chS2g4kINRz89/wMTNAnCFTXYRfuZbgBS8qROXvIxm4YPTG7y8RTN4q+DKTdWAPcXVNv0wUx0B1Awr5nZsMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 18 Apr 2024 22:06:08 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
26 B 45ms
44ms XHR
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23656646db8f24%26domain%3Dpaybits.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpaybits.xyz%252Ff28fa62513453d8%26relation%3Dparent.parent&container_width=4000&current_url=https%3A%2F%2Fpaybits.xyz%2Fhome&event_name=chat_plugin_sdk_icon_iframe_load&is_loaded_by_facade=true&loading_time=62&locale=en_US&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&page_id=106982865257240&request_time=1681950783811&sdk=joey&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://paybits.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: VBHY0rzOy57Rmtzj8AJpt01O5I5kPmssHZUKtSKnYlryXmGTORxEmgHdzkQ8Wyca60K1h+H7cUn9jslG0nAMRg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://paybits.xyz
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/plugins/chat/tab_impression_logging/ Frame E9F6 113 B
134 B 36ms
36ms XHR
application/x-javascript 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/chat/tab_impression_logging/?page_id=106982865257240&event_name=tab_impression&request_id=a468e735-3edc-4300-a833-3efbf0397586&plugin_interface=desktop&user_is_logged_in=false&tab_name=plugin_icon&loading_time=36&client_loading_time=686&debug_data=%7B%22fromTime%22%3A1681950783811%2C%22now%22%3A1681950783846.5%2C%22loadingTime%22%3A36%2C%22clientLoadingTime%22%3A686%2C%22hasStorageAccess%22%3Atrue%2C%22screenSize%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22size%22%3A%221600x1200%22%7D%7D&event_timestamp=1681950783847&log_id=c1bf5ac0-fd40-4f7c-9ed1-725a4c07995d&server_loading_time=640&is_new_welcome_view=true&entry_point_icon=messenger_icon&entry_point_label=ask_us

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yz/l/en_US/W6KJdIJLkRh.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4d9d5a7a28c3abe401e83e0fc61ab701d5015ee8439e61afbef98086f256f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: FDKoAy4XiEKgV29bVeLmyB
Referer: https://www.facebook.com/welcome
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:33:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 4GtmX8nm7Tg1GRNmu+PSBRDq7OI17lIWrND2c0P/gJUHGcVDLiHiiefo8n1lGzxiUlv6G+MLwen22rNeg7/yWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Domain: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Domain: www.facebook.com
URL: https://www.facebook.com/v16.0/plugins/customer_chat/bubble

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paybits.xyz/	1970-01-20 20:48:30	Name: _ga Value: GA1.1.424828537.1681950774
.paybits.xyz/	1970-01-20 13:22:06	Name: _gcl_au Value: 1.1.1657051757.1681950775
.doubleclick.net/	1970-01-20 11:12:31	Name: test_cookie Value: CheckForPermission
ntvpwpush.com/	1970-01-20 11:55:42	Name: fp Value: null
ntvpwpush.com/	1970-01-20 11:55:42	Name: refdomain Value:
ntvpwpush.com/	1970-01-20 11:55:42	Name: mm Value: false
ntvpwpush.com/	1970-01-20 11:55:42	Name: gyr Value: 0
ntvpwpush.com/	1970-01-20 11:55:42	Name: ad_tags Value: Paybits%2CCryptocurrency%2Cfaucet%2CBest%2CAutofaucet%2Cto%2Cearn%2Cfree%2Ccrypto%2Cevery%2C1%2CMinute%2CEarn%2CBitcoin%2C%5C%2CEtherum%2C%5C%2CShiba%2C%5C%2CTron%2Cand%2CMore%2Cdirect%2Cto%2Cyour%2CFaucetpay%2Cand%2CBinancePay%2Caccounts%2C.
ntvpwpush.com/	1970-01-20 11:55:42	Name: tag_ab Value: a
ntvpwpush.com/	1970-01-20 11:55:42	Name: timezone Value: 0
ntvpwpush.com/	1970-01-20 11:55:42	Name: utm1 Value:
ntvpwpush.com/	1970-01-20 11:55:42	Name: utm2 Value:
ntvpwpush.com/	1970-01-20 11:55:42	Name: utm4 Value:
ntvpwpush.com/	1970-01-20 11:55:42	Name: accel Value: 0
ntvpwpush.com/	1970-01-20 11:55:42	Name: screen_resolution Value: 1600x1200
fp.metricswpsh.com/	1970-01-20 19:58:06	Name: id Value: 15741603174044748625
.paybits.xyz/	1970-01-20 20:34:06	Name: __gads Value: ID=a06023f20a5b657d-22d117d024df00f4:T=1681950775:RT=1681950775:S=ALNI_MZadKeJ-zutKw4eJarZC7YQ7dm66w
.paybits.xyz/	1970-01-20 20:34:06	Name: __gpi Value: UID=00000bd84620ec3c:T=1681950775:RT=1681950775:S=ALNI_MbHnBzJBOdMtVIsIUG8QgYoilYRbQ
.paybits.xyz/	1970-01-20 20:48:30	Name: _ga_DQ4LF88TWF Value: GS1.1.1681950774.1.1.1681950776.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9547841375802912&output=html&adk=1812271804&adf=3025194257&lmt=1680384701&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpaybits.xyz%2Fhome&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681950775065&bpp=3&bdt=943&idt=246&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1482075769681&frm=20&pv=2&ga_vid=424828537.1681950774&ga_sid=1681950775&ga_hid=444827760&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44786500&oid=2&pvsid=1010255634599963&tmod=435701374&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S1477233071%3A1681950775591827&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7QtToeO1hAqxI9n5sEdVrriO9e1XzTC9enIlK1uvi2nkHI13oIqCtfushTjlfe8oDuVKe2oBg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0b07b901e2.42de2de7b1.com
8c13bf20ce.6ce0a3adc4.com
a83cd3d8a2.0fed9a37d4.com
accounts.google.com
ad.a-ads.com
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
cryptocoinsad.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
googleads.g.doubleclick.net
i.cdnkimg.com
js.wpshsdk.com
nereserv.com
ntvpwpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
paybits.xyz
region1.google-analytics.com
rt183.surfe.pro
s.viifogyp.com
scontent-fra3-1.xx.fbcdn.net
socialplugin.facebook.net
static.a-ads.com
static.bookmsg.com
static.surfe.pro
static.xx.fbcdn.net
tpc.googlesyndication.com
www.chatbro.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.facebook.com
136.243.22.74
157.90.84.242
168.119.25.102
176.9.28.133
185.98.54.153
2001:4860:4802:32::36
2606:4700:3031::6815:2549
2606:4700:3032::ac43:ddae
2606:4700:3038::6815:ebcc
2606:4700::6810:5914
2606:4700::6811:180e
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::200d
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2008
2a01:4f8:252:561a::2
2a01:4f8:c0:2343::2
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f083:10e:face:b00c:0:2
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
45.133.44.37
45.133.44.52
45.133.44.53
94.130.197.140
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
026a93aa9eb9fb7408da6d1c479478fdc224197deea3d94405b72bdb8977c8c0
0309d220c2e46017dbc9946c2c1091503279b900cd0a8b10e5e58822d6d824af
0509b21e65eadd03ae4a70523e109f31adc49e3ca5394a080ddf04b8017384c0
05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b
0790bbbc8460ebf0668ff0192b6ecf0c0f6bed7aedf59cbbbed49bf54499f2a3
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c10dfa916fa68544e3d9e3f1933c8f29565be0f27f2185b69e2c4597b63c875
0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2
0dec29b3b4c5ee4344221982c0ea7b3e5b672bb4c7e77f41461eb9eea591b30a
10c1446372d57001bd0b5bf971bce85d61a6291f44008adfe91f4bf21c7fcd84
11d10555229f1da959cea48103bdcfdfb05bcb991e8f7c85e73c585d9b25ba8c
141653af87ad92fbaddead1fe145f2bdbaddab6357d9aaf0c2f08e83825dca46
1519f65f0646c7ec878163cb3a7034c6db155f9243ae1208e3b3ad3bbd5ad503
1a80dc68c72ce0418c5568bda626571bb82928350a469c3fae760a9b69df1157
1b61a608f0ccf9c5629df73b1c59d8227b02796f62501e9a932953e76459368b
1b6960b9d05afbae8067fa10f2ea035b4d8d1fdf198b2a599520a5c5b104850a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cec85e404e543a8d14e8bc5aca13acdace8d4de8c0d8fe090dc2e51d6139969
242e5afee0099d82b3e206c4befd8a1d4e31ec741292b1b2d4ea3c24cd7e125e
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56
252020519b9481bc71c10e8ba9fc22d687d4718b5dde817ce56b6e26b0353076
2531a9b1dbeee8c6b4cdad9032a10682ac111ac605aac2d406f226f2c484dcf3
270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e
2995e384b2095c3d2080465ca06247246fda4ebfa6d33ebb4f2a81fa9e004c76
2b41c600ef51fbd31888250790a91dfcf3982634698a9f64bbbc2f3e980aa17d
2b546c2613a0d12f8b635a2223dfee34f2a12c2f892b7a933dc406c7fd3fd5d1
30a288f4b8350f8121ceab4313aa78320d3a313c7425136323191ced5b6a0b65
3151c6914dfaa08ce8ed67e524c8a98bb327044d71de484a1713ef4a319d99ea
3241b4888eed555d3a84793f6ec7d64d6b2812968aac81c4ac1953cecef533bb
37233c58b616a71373774737d7a9e819c27d52ac7f941a5fbbbe5afe09f74331
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e
3bd34a08f83fed3ced5508056737f9594d36e0e98f0cefdde2b92fbd8ead1bd1
3d117928846582406e242699366dd95dac705111b5f703bb46d674548dfbd279
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536
4020cedb5855a250bcf1592f7ad6f84a4619a4295dde8f7f6b6a0e08fb5e263c
433cfcf56c48525963b9518c0b5bb8c56dfd15e432b1425805452e3a2a604dc0
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd
447ae14eab2a2bfc14aeaf412f240b11f911a153c8035ca18cf28377d0c1ebcd
46f50f887596a1e4631662913dc500cd54339f512b413894f38972eff36082af
46feaf6331b1a9dce57f8139983138c35e4b398437d1c8c71e8789487a29c0e3
48c92a112a43607828bba1abda112d4d6775b5553d11da9c7129dbff3ad4fa8e
4e69c68f5c5b6c87b4b0437ddce158f64c43653e489a7f0731492243ea115ad7
4eddbf4efafbd36f283862ec31bbafc699fbca5449e16b8dc1f8931ef55c0a57
4f4bcfbf20d608799ea8800641b188ece43e8d862ad407a7f34422eb4b9996b3
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604
51fbdb907b2cb9a66aec46c76a67db63543831bb18a400436382c227368327cc
52374b1892e3ff7ad4f5bfbd09e68b241390ba2e00e39015f6471cf7f346b346
52b6bc2da1a35ad6706eec5961272fd563b4b06da757483fb36dd4a72716bd12
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5a5b733dbc8b52f58b34f0c2caa59d6340080934889299016ba33d6adfeb694f
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca
6324d4f5b19324248925444a4560590eae7dd2173e54e3de06525c63fb68e56f
63c42d80bf7d0ce2108a7b9bb224b896384616fb3509f0edc71a09e6da245eba
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a
669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab
6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6
6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08
6e099547eb924999e5c7caeb7a0531406a776909d80071ca15fd83b7511c056c
6f6f8938b17bc251aac605680661f7fb02f90d89eac64cc10175e7231a3a6431
7b349427f71bbff635c551b8dd15c3e09865ffee793bb9a340f9898bde3c6745
7c2c015e4fc8eaf989fd22795a32f65110a7f6734b525d340285548e1640af13
8043c183e8d6ea8373ffef620de93216ec7655a9047ee5346c3852df3eedad22
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69
8c7023886fc9a43b078d04a6f02e3b379d2ecd4eb9e217389ce2a3aa013bd3b6
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe
905d47d658283e755e58b7b914fa2e97bbabfe35fdd379bf018d75277f2adbe2
9287b5f3056090976408079dd7788ef61d548ada148172764c1548f00037a3b7
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9884a4fc9740e0d81aefb847822f2e77378ba74a56fe355e4e12452a866883bd
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f9c5ffd8660095ded860691a76f876188077c337bd274f73470d6255f56db6b
a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96
a3c9f9c92039f59a8b91ff2294bf8cf30742e0e865e595b702cca863768f802d
a3e3d168d0f2ef0d1a167b1bfdc41e5aba06ec3769d95f110071b41ebc508e84
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aae42162a1576ddc488b38fb6022d9c1053191a71742eef11ce71235c8a57b72
ab24a2acc3574b6ad478c7cfc4229eebfe35aa849744f7e6e867ce82fcff0d1a
abb655e98eb936f2434735836b13928b465ce62dd2fb329478431f28f837bda3
b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62
b4d9d5a7a28c3abe401e83e0fc61ab701d5015ee8439e61afbef98086f256f64
b5b9cb0cf924dc9eaa38ed4cdbcef009270ca7a8d1ec26d1dea66a70a8737f92
b741437f08ff5a83072016e615fb8eb59bf5c2d03defb4027ec151de9d4ae0da
b9254bbd972e39fae9a8131f960de877fac0f3df0d989a8d116aad66072dce1a
bce716bda4f8fdc0a9598dbbd72e2f51b8a52ba10065b15c042bad9581629113
c0be64c016eceb1cced69da6018305bdf12a195836222ef2459e2fddf969e632
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
c56420aa6e76f95c2fb963542860396f5e291e6ddc7f567eb804c728c95264df
c6366f464885ecf92d1de07c3ee1265257f589a80db5e9a89c06d81e966c0ec3
c666850386bdcce72325dde1740c1112323989ee00d9e76ea3b182736b439d86
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
d1886373b1a0ae479e6d2f6fc0b9d84228dc17feca62e069aa2074393531a16a
d356266cbf28b090f7fa6ee9c515390bec1aa129686a1efe76d076690d4af611
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d4ec31d8b82dae12fca9c7354456f30a106830d59073b8767ac1a7ad7546b884
d5cb5062c5bdce5a616853d7603104c267ea489642114ce3af8d06a81a28153c
d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062
da92933dd66491210befa7eb1cad80303c69cf9493e495f67b1903895c949ac1
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e792001c1f9e88775b90e286737f006bc320f24d54052e311c2fba976f244ddf
e8885355c507556d3ba459725ec8fea0e533ba52536c26260d3d427e69cb8db4
e9e69e15d6ef8ea1c7a0590b19efa29323f4ba40f3af0bcfc665f1c35ca50c8d
eaaa0ff9b82c2abeb10c02ef85dfff78f566fd82ee938963327548dc9515856f
f00c1af8def99b0ff21a3723a79016c9a169bb03ef0006b74b1b7253e7a99044
f1b79a0fbd89b74442e3a2d2ac78251fab12202190d2712778a9fb06603a020e
f5b7cca93edaff23020330b201d45def46d287db5da3a1222bf0875958a9adeb
f61e0c3cf6870f7633ee2cb5c7c53e4c325e7850f8983fb82c314aa1334bc503
f6c42c88c9d79776fb1d5618404bceb629242311f8868c1caceafdf530be56f4
f7cf499374cfb2383a6986a2195b4167801dc98421d3fecfb4a86fdd08734a2e
f8eb5d7ec73949baa68e77fe7c26a1753af2c98f93869253d9b8ce1cdcd6b213
f971cb967dcad04a8841f828a2de1be5c99abec685ce5dadb449b5e36c217dee
f9dde022b2b27800dfa24aef04c11e42302ea0e2bfa706d6884a3caef1ff69aa
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d
fb13c3cbe434759f1ee567660cfc8277250c7a3e81c4e025ae5014fe417edcf1
fe6d621a92e8cea7b25f47476046a3adba189ef9156170cc6530af9d7cdc2d71
fee4951824a7d0af1a5e35c0464869ca21e1f39f5a56dbafd420f43e225b6f1f
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5
ffadf9e7288924c27f8e73ca5cec5adb162a25a7cf9b71bc54c90fbc01e71775

paybits.xyz Open in urlscan Pro 2606:4700:3031::6815:2549 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

146 Requests

97 %HTTPS

73 %IPv6

29 Domains

37 Subdomains

33 IPs

3 Countries

4080 kBTransfer

13074 kBSize

19 Cookies

3 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 25 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paybits.xyz Open in urlscan Pro
2606:4700:3031::6815:2549 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

97 %
HTTPS

73 %
IPv6

29
Domains

37
Subdomains

33
IPs

3
Countries

4080 kB
Transfer

13074 kB
Size

19
Cookies

146 HTTP transactions
25 data transactions