bambit.xyz Open in urlscan Pro
192.110.165.154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Submission: On October 07 via api (October 7th 2023, 7:18:23 pm UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 21 domains to perform 107 HTTP transactions. The main IP is 192.110.165.154, located in Phoenix, United States and belongs to IOFLOOD, US. The main domain is bambit.xyz.
TLS certificate: Issued by R3 on September 29th 2023. Valid for: 3 months.

This is the only time bambit.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	192.110.165.154 192.110.165.154	53755 (IOFLOOD) (IOFLOOD)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
17	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.0.209.150 162.0.209.150	22612 (NAMECHEAP...) (NAMECHEAP-NET)
4	213.239.205.245 213.239.205.245	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700:10:... 2606:4700:10::6814:91f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.4.219.198 142.4.219.198	16276 (OVH) (OVH)
27	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
107	29

4 192.110.165.154 (Phoenix, United States)

ASN53755 (IOFLOOD, US)
PTR: we.love.servers.at.ioflood.net

bambit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cryptocoinsad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.209.150 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium177-2.web-hosting.com

exactpay.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.239.205.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.205.245.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:91f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.4.219.198 (Canada)

ASN16276 (OVH, FR)
PTR: ns5000868.ip-142-4-219.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.27.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	tawk.to embed.tawk.to — Cisco Umbrella Rank: 10237 va.tawk.to — Cisco Umbrella Rank: 9820	225 KB
19	googlesyndication.com 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	102 KB
17	cryptocoinsad.com cryptocoinsad.com — Cisco Umbrella Rank: 286196	564 KB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	200 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	638 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	3 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	37 KB
4	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 35458 static.a-ads.com — Cisco Umbrella Rank: 46836	1 MB
4	bambit.xyz bambit.xyz	420 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	histats.com s10.histats.com — Cisco Umbrella Rank: 12099 s4.histats.com — Cisco Umbrella Rank: 11973	11 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	62 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	45 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	251 B
1	exactpay.online exactpay.online	525 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	91 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	11 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3030	27 KB
107	21

	Domain	Requested by
22	embed.tawk.to	bambit.xyz embed.tawk.to
17	cryptocoinsad.com	bambit.xyz cryptocoinsad.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bambit.xyz 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com bambit.xyz 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	va.tawk.to	embed.tawk.to
5	www.gstatic.com	www.google.com
5	www.google.com	bambit.xyz www.gstatic.com www.google.com tpc.googlesyndication.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	bambit.xyz	bambit.xyz
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	exactpay.online securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	bambit.xyz
2	3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	static.a-ads.com	ad.a-ads.com
2	fonts.gstatic.com	fonts.googleapis.com
2	s10.histats.com	bambit.xyz s10.histats.com
2	ad.a-ads.com	bambit.xyz
2	cdn.jsdelivr.net	bambit.xyz embed.tawk.to
1	s0.2mdn.net	3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
1	www.googletagservices.com	3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	region1.google-analytics.com	www.googletagmanager.com
1	exactpay.online	bambit.xyz
1	fonts.googleapis.com	stackpath.bootstrapcdn.com
1	code.jquery.com	bambit.xyz
1	www.googletagmanager.com	bambit.xyz
1	cdnjs.cloudflare.com	bambit.xyz
1	stackpath.bootstrapcdn.com	bambit.xyz
107	30

This site contains links to these domains. Also see Links.

Domain
faucetpay.io
www.histats.com

Subject Issuer	Validity	Valid
bambit.xyz R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cryptocoinsad.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
exactpay.online Sectigo RSA Domain Validation Secure Server CA	`2023-04-15` - `2024-04-15`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Frame ID: 9B1BFBA2D4FE9B9B5CA51AB383126474
Requests: 44 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=257233&b=397822
Frame ID: 004FC595F4A0313BEFC0E9B2C0C69ACA
Requests: 3 HTTP requests in this frame

Frame: https://exactpay.online/naijafav.html
Frame ID: 8634CF839FE3AF0C9AE7BE77FB248D55
Requests: 7 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
Frame ID: 48792B22A2ADEB85AE069D3F4029E852
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2262350?size=300x250
Frame ID: 013ED9A986708C683C1EE017D37479B3
Requests: 3 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
Frame ID: FB4C18F7A8FDC2F47E4104A887B3CEE7
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/2262350?size=300x250
Frame ID: 07218296C4E677A16CC1702D2555F4E3
Requests: 2 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Frame ID: 5D8E8E73286D1369B9D7D71D7A4256AF
Requests: 3 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Frame ID: EF797DEB4951E7EB216E9CD8F94CBD4C
Requests: 3 HTTP requests in this frame

Frame: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Frame ID: 031D19DE198AF4B1A357DF59BB8C90BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leqf2cnAAAAADHxSfStAhvyK0wtW2OsdeBgql_g&co=aHR0cHM6Ly9iYW1iaXQueHl6OjQ0Mw..&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=4b7jq213aqdp
Frame ID: 62C53BF0E018188132CB6B33934D79DB
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Leqf2cnAAAAADHxSfStAhvyK0wtW2OsdeBgql_g
Frame ID: E832F09277C2260E16AEC9CF384FF81C
Requests: 3 HTTP requests in this frame

Frame: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 17300C33B827F0E584F83AF4C446107C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD6E6DE1AA0A4E212883148075CEE14A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D20A2B5F53C35BD92071BD9E4ACDB2E
Requests: 2 HTTP requests in this frame

Frame: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6003370D7257887D08DADB040D90935E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYutPh8gEwAQ&v=APEucNUgT2gFQomBVER9SDtZlkg-3zplXW4Uj5QGOpOweqsQXHaPocQwXMjbp6h8V_KD8rjtw074XHUPm_t7u0ZRlAAkbW2DAM8OHrBY4gs41CHz5efoSZY87_6BIwv5iVY_K2rvd4n_OJjGvTqVRoL4LF-3AQQR3gGNafJh8gCiNHzYgFaTIAg
Frame ID: E70F6D70C2348402FBADD45023378A0D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC87D71DFA550C6F8C384C2E2727282C
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65040be8d34/css/min-widget.css
Frame ID: D847C4DC113A5BD96452D89E4FFA2FA3
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65040be8d34/css/bubble-widget.css
Frame ID: 27090AF10EA26A47E842AF48D1D4B0DF
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65040be8d34/css/message-preview.css
Frame ID: 628AD38B157CB04AC9BD18DA00BDCE41
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65040be8d34/css/max-widget.css
Frame ID: B64C2BBEDE61C3F9441AC8AD36FFF933
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bambit InstantBtc | Free Bitcoin Faucet

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

107
Requests

96 %
HTTPS

71 %
IPv6

21
Domains

30
Subdomains

29
IPs

4
Countries

3758 kB
Transfer

6993 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://faucetpay.io/?r=27882
Title: FaucetPay account

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=4803420&ccid=7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1&C=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSGu.pFCFn4yVJKgjggVEAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1&google_hm=2

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_2eWKNIqZSGEUL5dxLnLw&google_cver=1

Request Chain 91

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzMjE1NjUzNzIxMDYzNzE4Ng%3D%3D

107 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bambit.xyz/instant/btc/ 60 KB
36 KB 1129ms
305ms Document
text/html 192.110.165.154
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL

https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.110.165.154 Phoenix, United States, ASN53755 (IOFLOOD, US),

Reverse DNS

we.love.servers.at.ioflood.net

Software

/ PHP/7.4.33

Resource Hash

94c43703f88a9e6896620b095335e3a70492a2a5bb415048e106d278f38e535f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 19:18:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-xss-protection: 0

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootswatch/4.5.2/lumen/ 184 KB
27 KB 38ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootswatch/4.5.2/lumen/bootstrap.min.css

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eb80f196f390a7a014dc31138862457b5986a3e47bf9a7288571a2a466be498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 116058
cdn-cachedat: 12/06/2021 09:10:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:47 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 21b7e0cdb3fd1c68b7887cd6365b64f2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81287d33fba99261-FRA
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 53ms
26ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4499511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10482
last-modified: Thu, 22 Jun 2023 11:02:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3b-28f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt978g02ZZnOzAkcXRymu7ziIwjYsWnt2GznPPp4KDEHK%2Bb0npCB9SB9T7pIyDvsOJIXFPM3ypAH10R3xmQSpz1jf9U1LSwfvyGp9dBQPOWuiIDOkhORJBlV%2B4B%2F1%2FYWjU4t2pRcYASiti7%2F4pLdeBi3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81287d33f8b2906d-FRA
expires: Thu, 26 Sep 2024 19:18:16 GMT

GET
H2 200 base.css
bambit.xyz/instant/btc/libs/css/ 748 B
420 B 143ms
143ms Stylesheet
text/css 192.110.165.154
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://bambit.xyz/instant/btc/libs/css/base.css
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.110.165.154 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: we.love.servers.at.ioflood.net
Software: /
Resource Hash: 96d937266e197db610a6e47e75f3afe063b0795eb0559104696e89bf74c538cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:16 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 01:06:54 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 313
expires: Sat, 14 Oct 2023 19:18:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
91 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JD9ZD4BTJ7

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17172ed6d8f653456df89c8aac458a1fb0b722640265ee90175b1004ecca1213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Oct 2023 19:18:17 GMT

GET
H2 200 1694722094Bambitlogo.svg
bambit.xyz/images/ 532 KB
384 KB 145ms
145ms Image
image/svg+xml 192.110.165.154
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bambit.xyz/images/1694722094Bambitlogo.svg
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.110.165.154 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: we.love.servers.at.ioflood.net
Software: /
Resource Hash: dbcf008c0d14602287aacc484727d63fe076217f0ed244c228ee96005aaa75d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: br
last-modified: Thu, 14 Sep 2023 20:08:14 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 392808
expires: Sat, 14 Oct 2023 19:18:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7667d41929dbee536024b3381aa9e72c4c711d03c5c75fdf227a0537483bbf99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 07 Oct 2023 19:18:17 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 42ms
13ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1904098
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga13628-LGA, cache-fra-eddf8230063-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696706297.065642,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 43, 954089

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
23 KB 48ms
30ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19651479
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230133-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amFebCPuGfpiOWEI2mf6Ef9BJp9SW%2FxZRKAGfBPTRTIgczfm7cDwUZqNnBc%2FiP4LBPdtyLpm8DiZH1eVYZFxMyTl%2F9NuYrGA9eae2MJ5UOnURyNZuCp%2F6m%2B4K%2FqENMpXjUcy1aED%2FUOrjLwBXrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81287d34dafe9031-FRA

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 55ms
32ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,700;1,400&display=swap

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/bootswatch/4.5.2/lumen/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3406fb339d2d7f2b28d01359fc7a7fcb504da4e487e9077dbfd504e589794d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stackpath.bootstrapcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 19:11:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 19:18:17 GMT

GET
H2 200 show_ads.js Show response
bambit.xyz/instant/btc/libs/ 23 B
138 B 143ms
143ms Script
application/javascript 192.110.165.154
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://bambit.xyz/instant/btc/libs/show_ads.js
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.110.165.154 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: we.love.servers.at.ioflood.net
Software: /
Resource Hash: ae8733fbaff642fc86c871273af6a0430ca67d764e4169c5a38c6fd66fbf8169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: application/javascript
date: Sat, 07 Oct 2023 19:18:17 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 Feb 2021 01:06:50 GMT
accept-ranges: bytes
content-length: 23
expires: Sat, 14 Oct 2023 19:18:17 GMT

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame 004F 2 KB
1 KB 144ms
107ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397822
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: 603799164096822f17564e42267b4af37947617b00114c466457f817311d2507

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81287d351b4abbf7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 19:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rM93i2V3h1zDc%2B%2BPJ%2FN4DBxOOoS282AgyEdKr%2B7GC7ralpakGJ8LhbciOUJ2Am1s2yMnuaqmqExvqZHmcrCn41sgX6I5NagEEpaCiPvO8zCFF4MREoRfkyvTGK8JDktgVpr6XvACgeubOP7YqKVopg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 naijafav.html Show response
exactpay.online/ Frame 8634 839 B
525 B 485ms
157ms Document
text/html 162.0.209.150
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://exactpay.online/naijafav.html
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.150 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium177-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 59a8ed4238390c6e34e906cab2ebe6f3cfa19b484db3a601d414cc2d3c18b728

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 358
content-type: text/html
date: Sat, 07 Oct 2023 19:18:17 GMT
last-modified: Mon, 02 Oct 2023 22:44:38 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame 4879 2 KB
1 KB 143ms
108ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: 9fdbc1af69060f7ac95a881a27e223b145f52141ea57222a23eda8a2df6a7d9d

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81287d351b4ebbf7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 19:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVZWa4BwpxQjIbwMLavWuQ2cHpUnlriqz7%2FMGk0Sl0Czf%2BHxlVWg70dj7d9c684Gz7ebxSYvGNqfOl5nbNtkWRurEoU0fWumf0xBWBaE%2BWGisZ2tjzM18aCfbVn9lOs4dOGgGwj6zyz0YAkQb4haLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 2262350 Show response
ad.a-ads.com/ Frame 013E 12 KB
5 KB 62ms
20ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2262350?size=300x250

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

9b4fdb2e5c9bd367f9a31f363c9ed2ba5670818161e146ef9dface16dca71722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 07 Oct 2023 19:18:17 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://bambit.xyz/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0be4ed3ca4c273c02bc33e0dab7a5dc320af47ab7e19668d8f3de24d882242c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame FB4C 2 KB
1 KB 141ms
108ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: 9fdbc1af69060f7ac95a881a27e223b145f52141ea57222a23eda8a2df6a7d9d

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81287d351b50bbf7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 19:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXfVUj%2B0WKc1%2FrxwPmhEl6sSBzniB6dupUlw3NczKogzfnqsIONHmLAQTWm6J4xd3hoNA9KnuNA62AkUIqd9FFSXZOW868WAv56EiMsRgkb39viFwK6njAFvRXdCF0tjzJ2F2S3Oc%2FUP7A34o4k4iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 2262350 Show response
ad.a-ads.com/ Frame 0721 12 KB
5 KB 62ms
22ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2262350?size=300x250

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

9b4fdb2e5c9bd367f9a31f363c9ed2ba5670818161e146ef9dface16dca71722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 07 Oct 2023 19:18:17 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://bambit.xyz/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame 5D8E 2 KB
1 KB 135ms
105ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: b4aad5a1e4471706de1df9b551ded493452695a8607def30a5ee65e5d83af116

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81287d351b57bbf7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 19:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbXpAL5YWib2Qd%2Fm6ouA0nveR%2F1Stz%2B5xJX0kyn54M9rI9x0IhdEbdztcJ%2F1Tn1ly%2BRN7STic96OdP6xRcU27stqCvgC8jSV1qWkMGlC0VHamu8ILtXRQ%2B7114oPJ3WSXhTQPiji442QUEF0CrJtbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame EF79 2 KB
1 KB 266ms
236ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: b4aad5a1e4471706de1df9b551ded493452695a8607def30a5ee65e5d83af116

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81287d351b53bbf7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 19:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdKLgjojedL%2BJkFIGEIn6FfwmJXp6X3FNQDeV1ITuXnMQBBhsl08aI9HSWf77HV2nBxmgQaMTGaawL5jnWFtgOyQ%2BMgGrlVwPvkQHKl1zljFdUclDQbA8uFRgU3zbA%2FHSXaoEloTEoCcFClJrsLCGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 show.php Show response
cryptocoinsad.com/ads/ Frame 031D 2 KB
1 KB 137ms
109ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24-0ubuntu0.18.04.17
Resource Hash: b4aad5a1e4471706de1df9b551ded493452695a8607def30a5ee65e5d83af116

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81287d351b5abbf7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 19:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9OFy6QezI2IAMn4mvaIobHVLA96xFiWfCeyUkxaC0ZiXuycpVvArwSbV16pgpqLmPFzrRfkdBcaHxd1DqV1gyoEK4pZExAkPNTY7NuEn0B7G9MLXmPQIJmf5QkQeijoCsMaHHrCT0BwgajBSCKKOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.17

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 66ms
20ms Script
text/javascript 2606:4700:10::6814:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:91f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 11901
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 81287d353b36996f-FRA
content-length: 4547

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 142636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 03:41:01 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 37ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 17:44:00 GMT
x-content-type-options: nosniff
age: 178457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 17:44:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 466 KB
187 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 07:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 07:31:14 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393795/ Frame 013E 609 KB
610 KB 21ms
10ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393795/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2262350?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
x-amz-version-id: FNTy6PSZIujNe9T_DALSYLZHxxf2zICy
last-modified: Tue, 31 May 2022 13:40:41 GMT
server: nginx
x-amz-request-id: V9EFTHDA6AMWRRYC
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: x3kxx0FglEtBJCLIZl+Ynw8IKRFDqobfiS6wePVpA/e+eAA6nMx+XilQgp/6Fg0zsh3xw+olYYU=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393795/ Frame 0721 609 KB
610 KB 36ms
28ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393795/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2262350?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
x-amz-version-id: FNTy6PSZIujNe9T_DALSYLZHxxf2zICy
last-modified: Tue, 31 May 2022 13:40:41 GMT
server: nginx
x-amz-request-id: V9EFTHDA6AMWRRYC
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: x3kxx0FglEtBJCLIZl+Ynw8IKRFDqobfiS6wePVpA/e+eAA6nMx+XilQgp/6Fg0zsh3xw+olYYU=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 013E 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 41ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JD9ZD4BTJ7&gtm=45je3a40&_p=2092038020&cid=1499587473.1696706297&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696706297&sct=1&seg=0&dl=https%3A%2F%2Fbambit.xyz%2Finstant%2Fbtc%2F%3Fr%3D1exaDMoKy7ib5ewfrm7KWFok72b1AzAue&dt=Bambit%20InstantBtc%20%7C%20Free%20Bitcoin%20Faucet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JD9ZD4BTJ7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bambit.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 4803420.php Show response
s4.histats.com/stats/ 107 B
242 B 287ms
94ms Script
text/html 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4803420.php?4803420&@f16&@g1&@h1&@i1&@j1696706297221&@k0&@l1&@mBambit%20InstantBtc%20%7C%20Free%20Bitcoin%20Faucet&@n0&@o1000&@q0&@r0&@s7&@ten-US&@u1600&@b1:-36583442&@b3:1696706297&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fbambit.xyz%2Finstant%2Fbtc%2F%3Fr%3D1exaDMoKy7ib5ewfrm7KWFok72b1AzAue&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: ed8a54f7aa3d9392d73838bd3cfc83fe36e5930ee1db63a9427359b8a583f111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 19:18:17 GMT
Connection: close
Content-Length: 107
Content-Type: text/html;charset=UTF-8

GET
H2 200 468%D1%8560.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame 5D8E 72 KB
72 KB 16ms
15ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/468%D1%8560.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dec29b3b4c5ee4344221982c0ea7b3e5b672bb4c7e77f41461eb9eea591b30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2532
etag: "61f55959-11e22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Lv1SZwOvp2xtTR2iCn608my%2Buj2JQQx9AngYlFOjzSNr2U%2BU9G2J9ydfri5gulBF0qaqAnsawesowLfZOD026tAcQvL1RfYGoUUufEpQlh7Dr8BMwSdiRG%2B0CfomvFVuZjtd4B18DAFvHvBWa75Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35dc66bbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 73250

GET
H2 200 728%D1%8590.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame 004F 98 KB
99 KB 28ms
27ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/728%D1%8590.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75997486ced2a1c90180df36d0e45032930ae4ac05cddaabcfd04f13c79f06e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2578
etag: "61f55959-18885"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbiBkTuZNyseRQohl5WkBloGdXBxf3lvZyvsRkQMnIaSc7IY%2FtLZgX8lLu6gH97AUYgu2f%2FA8%2B8L%2BHrQG1qNgWOeXvTuGvele%2F74mfIeXsWRAskvED2xAUMH%2BbwOJJhu%2BSQ2lgcA6hJ4jK0WmQtoQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35dc69bbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 100485

GET
H2 200 300x250.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame 4879 112 KB
113 KB 28ms
27ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/300x250.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b9cb0cf924dc9eaa38ed4cdbcef009270ca7a8d1ec26d1dea66a70a8737f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1906
etag: "61f55959-1c051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUJSs1dhLHTXOSeTHVhKcQRFrE2aWgbPeY%2FZDtxL8TV35G5P%2FYGfOBKk4E3HJVJkxwOYKRXExAwnbbCCyuFNUKPZcYIrvY867HEp3MoFRYizwI0RPb0w%2FINYjrEPJ1g4Kd%2Blc1GYNApv3KOvI8xthA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35dc6cbbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 114769

GET
H2 200 300x250.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame FB4C 112 KB
113 KB 26ms
26ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/300x250.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b9cb0cf924dc9eaa38ed4cdbcef009270ca7a8d1ec26d1dea66a70a8737f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1906
etag: "61f55959-1c051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cqx7IZiEG2bMjtUALDTi6oTlqLGFmAtJZnpz7nVLFUsZ6XXxvtEbKW4sQ1lM%2BFpZLokCZAUvfZ%2BMOg8%2FjvORiMnZm4xkR0JgNJA0roADJX%2BuxGdxSjImrdKWg5rjO3Dvu5wb%2B5uwyBhnRFDTSTPYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35dc6fbbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 114769

GET
H2 200 468%D1%8560.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame 031D 72 KB
72 KB 26ms
26ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/468%D1%8560.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dec29b3b4c5ee4344221982c0ea7b3e5b672bb4c7e77f41461eb9eea591b30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2532
etag: "61f55959-11e22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86fEMhh%2B7tWMDzIudFDby9TKE%2FDDDI6%2Fb%2F%2BOgAFt7nCKlbWQBlQskPa5rm6dh1tWRC3l8T9Om8IE%2BT%2FshYBz0svvksa%2F17bMctedHR5y%2FIN%2FmSkyG6IaTuQ3bjgq3XOL46rTWeagg1%2FPIlrVK3%2Bhxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35dc70bbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 73250

GET
H2 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame 004F 3 KB
4 KB 25ms
25ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397822
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3143
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbsdanBrjyskPsNK23Cfa0C9iFBl8DhGwSK5IfZSb49wkQkdDBbcVrminWCKTGAIynNoCNumYfcEpHc8NJhlF8A2vFS5EVSZbpkmAoFjuYyQ%2F34%2Bu3SRVwE%2FPB6V4eVAIFq1aQXgOQF%2FRAr%2B%2BLy2YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35dc73bbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3309

GET
H2 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame 4879 3 KB
4 KB 23ms
22ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3143
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sV9945AcsfN2SesnGLRNBxFUEjIfRV3rCXawc4DFzZTo8%2BIk0lJfsoPkSZyPNCbl6PMDpckHEABFKVW%2B5W0HJMOUdvJrTAjJDOdsZ%2BfWKWBnCKEzvA2JTZnVmmgpMYP%2BI0alGspRp9jkP1zDWAJjhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35ec7cbbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3309

GET
H2 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame 5D8E 3 KB
4 KB 22ms
22ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3143
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nyQNHiHn55AYawFmMntFc90Rb7VpPtvtm9PQYauHV8BomkSE0q4rxyHeSPU%2FIuZGGgvBqY4WhdKX%2B5LUQayo1I1%2B4YYYtuMIqqEB6gwJGtKvK6BRcY0jQkvPPtFhjRSACdM%2Bjqr6QWzGz67W%2F2wBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35ec7fbbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3309

GET
H2 200 1haarasom Show response
embed.tawk.to/6503826a0f2b18434fd89910/ 2 KB
929 B 170ms
20ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/6503826a0f2b18434fd89910/1haarasom

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1c1a45cc525d2d5fd64edbb13d78f028914d6d444b01a036b9c7992a074b400

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 687
etag: W/"stable-v4-65040be8d34"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 81287d36d85d9b80-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame 031D 3 KB
4 KB 19ms
19ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3143
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf8c22XQV%2BUfHGyVsQEZWLwLYpjIKtV5uoadUNOqcnYQPXw8qhSkegkFMvQJv8qdHG%2BXbJmvcGTIPm06o31SKVkNQsQSBuoym1N8v7DUlcygNySb%2FlN60nBtezYl8umsUppzFrSTwvOP4IO4CSC4ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d35ec86bbf7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3309

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 62C5 59 KB
34 KB 38ms
34ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leqf2cnAAAAADHxSfStAhvyK0wtW2OsdeBgql_g&co=aHR0cHM6Ly9iYW1iaXQueHl6OjQ0Mw..&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=4b7jq213aqdp

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b200026b628b30351088be1208c8020ee2d78f9d15da74174be92bd830364e7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PGBrNAbUkf48yk4hCK0SpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PGBrNAbUkf48yk4hCK0SpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 19:18:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94c544feaed1beea61d659d5595f59b89880091732515f9d028e5f0300683d65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f12775ecd54da7f90a737884a205f949eef3493766e516e2c0ebdecea30bc20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3ae53394e82e5603ef39976465998744a7ff47bec15807c1c1618ea63326bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a49e5406d54cf32d4a278fd268ee506a99e6277aa700e13dbf2fcdedf776c10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 468%D1%8560.gif
cryptocoinsad.com/banner/ads_banner/ccsad/ Frame EF79 72 KB
72 KB 16ms
16ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/ccsad/468%D1%8560.gif
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dec29b3b4c5ee4344221982c0ea7b3e5b672bb4c7e77f41461eb9eea591b30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 15:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2532
etag: "61f55959-11e22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BdsoT1ZEjn%2F3qoKvr6qyStdjcJICb98VeoMgKHtfP9TM%2Fg%2FZGNXmqdavLK4D2714HJ6edU3T7eKExrJVKcdBfG4uGgr2SOB7VYpajQTcCfbNLPGHRjt%2FmFOKkk0qpOSk%2ByL7Cj5ZbaAP3%2BKX26eBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d36de1b1da0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 73250

GET
H3 200 icon.png
cryptocoinsad.com/ads/show/img/ Frame EF79 3 KB
4 KB 33ms
33ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/ads/show/img/icon.png
Requested by: Host: cryptocoinsad.com
URL: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptocoinsad.com/ads/show.php?a=257233&b=397824
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Jan 2022 11:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3143
etag: "61f52b0c-ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FedSdYa%2F0kD%2BHtxxVL%2FhdkEYk%2F4DyF1J7ojcuVYvPp%2ByR57SnTOFZRjiLBjM00ZuL%2Bi1syqzYIU%2BLX2zop3FjdLy5WhsfoxRWmTA%2BvaMDP3fQ1%2FKGF83XwoBca6cpg%2Blm3TY1exq56qt5R63YCikg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 81287d36de1e1da0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3309

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 62C5 55 KB
24 KB 24ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leqf2cnAAAAADHxSfStAhvyK0wtW2OsdeBgql_g&co=aHR0cHM6Ly9iYW1iaXQueHl6OjQ0Mw..&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=4b7jq213aqdp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 12:19:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 62C5 466 KB
187 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 07:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 07:31:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 62C5 102 B
135 B 16ms
16ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=lLirU0na9roYU3wDDisGJEVT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leqf2cnAAAAADHxSfStAhvyK0wtW2OsdeBgql_g&co=aHR0cHM6Ly9iYW1iaXQueHl6OjQ0Mw..&hl=de&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=4b7jq213aqdp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 07 Oct 2023 19:18:17 GMT

GET
H2 200 cc_7.js Show response
s10.histats.com/counters/ 15 KB
7 KB 22ms
22ms Script
text/javascript 2606:4700:10::6814:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_7.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:91f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7750ad654fff4678324af16f6848f593c1a38a9be573012ed371504e1d0aa75a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28479
etag: "1927513874"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 81287d37be84996f-FRA
content-length: 6658

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8634 99 KB
29 KB 423ms
145ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: exactpay.online
URL: https://exactpay.online/naijafav.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85338e66d3a63bb6cf1ec3ba9d057a9772aaa355b5261e47a11c3bbcaa63cb8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exactpay.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29579
x-xss-protection: 0
server: cafe
etag: 368 / 19637 / m202310030101 / config-hash: 4974023841911941900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 07 Oct 2023 19:18:17 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1ab8ff845dd76b002a0108d0889959de13c4134717050c12bffeed116b0f314

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E832 7 KB
1 KB 22ms
22ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Leqf2cnAAAAADHxSfStAhvyK0wtW2OsdeBgql_g

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

16565bc98811d4744eb0169ae5cb623c2203a4a185378414ef6932fd4c571ba3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CpV6KymJ5RmTohYQKngcyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bambit.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CpV6KymJ5RmTohYQKngcyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 19:18:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame E832 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Leqf2cnAAAAADHxSfStAhvyK0wtW2OsdeBgql_g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 12:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 12:19:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame E832 466 KB
187 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lLirU0na9roYU3wDDisGJEVT&k=6Leqf2cnAAAAADHxSfStAhvyK0wtW2OsdeBgql_g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 07:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190978
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 07:31:14 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ Frame 8634 419 KB
132 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exactpay.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 17:28:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6563
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 06 Oct 2024 17:28:55 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8634 83 KB
37 KB 491ms
490ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3653807353019524&correlator=2307617467770669&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=22875266973%2Cnaijafav&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cdm=exactpay.online&abxe=1&dt=1696706298120&lmt=1696279478&adxs=8&adys=8&biw=-12245933&bih=-12245933&isw=728&ish=90&scr_x=-12245933&scr_y=-12245933&ucis=nalv7ue0co2o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fexactpay.online%2Fnaijafav.html&ref=https%3A%2F%2Fbambit.xyz%2F&top=https%3A%2F%2Fbambit.xyz%2F&vis=1&psz=712x90&msz=728x90&fws=256&ohw=0&ea=0&ga_vid=1700514820.1696706298&ga_sid=1696706298&ga_hid=640435172&ga_fc=false&dlt=1696706297604&idt=492&adks=246353599&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00270d132e58fc0ad583c640017c6fa07d7685c9b3eed53ff440c558e69ebbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exactpay.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38217
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://exactpay.online
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1730 6 KB
3 KB 77ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exactpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 19:18:18 GMT
expires: Sun, 06 Oct 2024 19:18:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8634 16 KB
13 KB 88ms
57ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e0b63844d6172cbaa9c34d660acae9dce096bb9ad6ee3812b43e814dcf4f61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exactpay.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12712
x-xss-protection: 0

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 121 B
183 B 29ms
28ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6503826a0f2b18434fd89910/1haarasom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 113223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3c59139b80-FRA

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 81 KB
29 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6503826a0f2b18434fd89910/1haarasom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 113223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3c69159b80-FRA

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 209 KB
61 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6503826a0f2b18434fd89910/1haarasom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ef1c0033184fc3d9927468f3e3fcf00bdef6607fef645c9d4d80e0cd6c17ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 113223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"c7d717342f2392436e14ee5e894cff01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3c69179b80-FRA

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 206 KB
41 KB 23ms
22ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6503826a0f2b18434fd89910/1haarasom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b5298695dd08a5ac6f7df92d8001910b3df9d66045e7bc3251226a3bbd02a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 113223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"cc2f5caa9ea6bd869eabebe15472439c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3c69189b80-FRA

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 2 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6503826a0f2b18434fd89910/1haarasom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2971fed2be2f47a0d7d0e48e0e0937690a7ae2afe740e452ded692a4eef189

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 23303
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"950ed0d9394df6df8ab8e30ac9b0cdcc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3c69199b80-FRA

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 151 B
207 B 21ms
21ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6503826a0f2b18434fd89910/1haarasom

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 113223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3c691c9b80-FRA

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 32ms
22ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=6503826a0f2b18434fd89910&widgetId=1haarasom&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b545e4acaf134138790eaea12edb29d46f54602cd8d82dcdca8aff52e830e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 686
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-tpbh
server: cloudflare
etag: W/"2-2-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 81287d3d09ff9b80-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8634 17 KB
7 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exactpay.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 19:18:18 GMT

POST
H3 200 start Show response
va.tawk.to/v1/session/ 982 B
1010 B 322ms
321ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075a7127c19f3c3e175761cb17e7101c06845a0a6f009dac9f9e439ff71cdb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://bambit.xyz
access-control-allow-credentials: true
cf-ray: 81287d3de95e9267-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-bk03

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 131ms
131ms Preflight 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bambit.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bambit.xyz
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81287d3d1a199b80-FRA
date: Sat, 07 Oct 2023 19:18:18 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-p0zb

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/languages/ 16 KB
4 KB 30ms
17ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941503
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:52 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3d48d19267-FRA

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD6E 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exactpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 08:34:25 GMT
expires: Sun, 06 Oct 2024 08:34:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8D20 829 B
559 B 18ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9237af27c15bed69d92e5080818d836b96065c34a182a6e23b06bcc6901a991

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8-dpLwjVDmg3Zcrwfiby0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exactpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8-dpLwjVDmg3Zcrwfiby0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 19:18:18 GMT
expires: Sat, 07 Oct 2023 19:18:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D20 0
0 70ms
46ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=3653807353019524&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame CD6E 37 KB
14 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 08:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 08:33:42 GMT

GET
H2 200 container.html Show response
3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6003 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exactpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 19:18:18 GMT
expires: Sun, 06 Oct 2024 19:18:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E70F 624 B
825 B 73ms
50ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYutPh8gEwAQ&v=APEucNUgT2gFQomBVER9SDtZlkg-3zplXW4Uj5QGOpOweqsQXHaPocQwXMjbp6h8V_KD8rjtw074XHUPm_t7u0ZRlAAkbW2DAM8OHrBY4gs41CHz5efoSZY87_6BIwv5iVY_K2rvd4n_OJjGvTqVRoL4LF-3AQQR3gGNafJh8gCiNHzYgFaTIAg

Requested by

Host: 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
URL: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 19:18:18 GMT
expires: Sat, 07 Oct 2023 19:18:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 6003 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:41:54 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 6003 7 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:45:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6003 0
0 88ms
50ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1BLuwE0FuaJ_yHmR1w0S5I32BTKgy11jffg_GUXCNJCh1FF6xBjPiNrGT9lQt9zvfawuttnzXI_DaaZbKZAj_0z4ye1Mll1RigLaDV-BDa7kROovCFr0LROG_wFPT8S_m8sgX_YiZGSU-5xueN7ieFtiK2Ez5MYOiBSyUN6ZS43aDqm0V1Z158TWZD74qUspbNLfTDWdlnGeky4PN5q21ht1FGrnhNPajBb3yrD6Qp-wFjLD0Wwi7M4ojLJZFocubZQy5jWKkcmkJOgRmdJi5tXi6gAvM6UZU59cMAiHCVwshaR1RZ5AbgRSHfFkvZYl0YEfZRgzFzCLRZFeAlNiSoz5i6fzWhIVS6eH__BjbD_Lv_ZfN0pmzLAun8bBj_5KPagVRpcHHgc2KN4L3x4lY-Vq4OPyOkQvM1xC68ilR1x2OLagKqgR1-wFznFjTIPjcwsC5Bo5CagN_8gnFdHayDsLoNSKm4VvGCFA2ru7JlPkS9ZMhxnbzUchX-YxsRsFjn2g8rvwZ049_BgWPXlblboBRTn_BoTFkE9xUwIO1a9QVU3YKCG3Gqm5B46VPOJ4oTfWKKKuryXBUB1AmeMsuISS9o4XyYUJBTqKbcM6zvi_5pT89K1HLhQfb1JypnvZyxk-2l652TGugB1Ym_-w6ZxPfBmxTF1cXQnMHKhQvymRKXlkSuyjt5BP9EBE8FCNjT_7fnPzQ1rVIFiaEDHWWCvnRPBYoDEFYxv9yITpp0fc-cwPe4UeLXnqolWY9195gPSiWx9GJP06KUxs0al91ENbK6bG9JAxRghR-f2TOBisUUjDmvhMlw0pG7dN_6-l83vw0JmFrwDCtSGVxm4D6ubmy5xqj_d2hrefVomVV7FDQN_YnJ2udsMsvrQeEYz5NlDeuA_E9ShUMd1Pdbe0RMs8hXv79WY4flRDtgnls4bUEaDHgWFLp-nIt8LL5wcieyH5uKVvRT5Ymg3b1pfYF4NnLTRrW2Dd_0Wri_PVDF8FiGr8UMVVyWfJHdr1JkPuDnuNXImpaJdxF6uALbWrYF98yi3CqOxIJTYsJJwI_1YRYZE6PrdSZSqOFhCVOEzI7vRBSVShBNZdce1EiC5Gk8C7_jNcANi6vARJf81-jN7cOpQOGgL-leYZS5h-8k8i8RFfHR8GTdyeRzqGRQm8AGjG2B1nvQ-j5itqQI3hTnjftJU6jveiqyAeiICvIxAIpBrY9GiTwiK9w495oO8PgVChwp6BRVCEw_-jGszPsv_MCsQmbf9o&sai=AMfl-YRebHUAmXaO4qTdRmUOn9uyNvDUi9pkYXfP1uEexTukrNMJQ4_Yi3cFt2D4oRCQkx2qxc0AgnhaQ68RlZhFRUx0Yjx3W6gZQ0VwGH9SVGzAHiYoZH0slIa4-vcGV8HOp5PGyXIb1lJPytXZmLeEUYxccECT4_QR9RJPzg-IBhS5dTA5k1588V-WMwvbrNA21RcjdTeu98rs6RqCbq-olOwuv7GhMQFR6GoQ8RiUrKU0VQnG5oNrOZdr&sig=Cg0ArKJSzHtXjyD3mzOkEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231004.44107&arae=0&ftch=1&adurl=

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Oct 2023 19:18:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 07 Oct 2023 19:18:18 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6003 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 12:26:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6003 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
URL: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 08:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 08:33:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6003 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
URL: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:36:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6003 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DL32FV_xwZR-_yOXv_p8MCtkBIMaHFR--4X_3o0XMC1yL8LwYTae0sCYk7fyBeA0O3TsFyPtDuX63is3f394pPT2QZwIdh8zFQyjbx3TtNT2gGflQ

Requested by

Host: 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
URL: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6003 187 KB
59 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
URL: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 19:18:18 GMT

GET
H2 200 6634466864517576002
s0.2mdn.net/simgad/ Frame 6003 44 KB
45 KB 44ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6634466864517576002

Requested by

Host: 3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
URL: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd1c4ac14764c89508c9832e43b2a10dc89bebee42c9b0a76ad90443f41eecda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:26:04 GMT
x-content-type-options: nosniff
age: 197534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45260
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 15:39:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 12:26:04 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FC87 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:38:48 GMT
expires: Sat, 05 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6003 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82087e4f2f5dc301f639f9771cdb1acbee6e29b8d3f7e43f312cb29e6ee2dcde

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CD6E 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jjoiQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E70F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1&C=1

43 B
767 B

40ms
40ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYutPh8gEwAQ&v=APEucNUgT2gFQomBVER9SDtZlkg-3zplXW4Uj5QGOpOweqsQXHaPocQwXMjbp6h8V_KD8rjtw074XHUPm_t7u0ZRlAAkbW2DAM8OHrBY4gs41CHz5efoSZY87_6BIwv5iVY_K2rvd4n_OJjGvTqVRoL4LF-3AQQR3gGNafJh8gCiNHzYgFaTIAg
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlUXG1dQATgvM%2FTVW1GQVBKtuxJ5JM8ePijc0OQQn3MxQZwlRlV6LXd660ZwmM3szS6qi8Gz5Uh9TZoYi7NYQpXFoYhHHH0w0716vnIbfCfH7CUKUPOsg8ynW5BMj8Pzh2Smkc34M0X74w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81287d406e4d1cc9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7mmYN16ZvyZc%2BOuOfiD0LaWAfE1CYtQKPV94LktObPMMbR2vMNRHn2VrDRd%2B6L4H5V4iqybXbwZLW2CKUrIN93euLyIgVOBxZZEjXGRXwk8ymK9moSm6j853hgzNsQcu7t7PVQiNuHTsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81287d400cb52c4f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E70F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSGu.pFCFn4yVJKgjggVEAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1&google_hm=2

43 B
738 B

33ms
33ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYutPh8gEwAQ&v=APEucNUgT2gFQomBVER9SDtZlkg-3zplXW4Uj5QGOpOweqsQXHaPocQwXMjbp6h8V_KD8rjtw074XHUPm_t7u0ZRlAAkbW2DAM8OHrBY4gs41CHz5efoSZY87_6BIwv5iVY_K2rvd4n_OJjGvTqVRoL4LF-3AQQR3gGNafJh8gCiNHzYgFaTIAg
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0CCwD2s9ZO5I66cglrANOFn%2Bl%2BvOCQ%2BEuEpFLxj1oAlo9uYEiiifGWvCDMoNHgHwq7pjibm4MEC%2FGivhwCa9atMM1rrTIjigwZ2R5I24g3%2FKb%2FJ56gL%2FjFWP7owMBUDHu9ZPAXw7FkYAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81287d40aecd1cc9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGOv4_54MJUUfmP-1LSjm6k&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E70F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_2eWKNIqZSGEUL5dxLnLw&google_cver=1

43 B
843 B

104ms
103ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_2eWKNIqZSGEUL5dxLnLw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYutPh8gEwAQ&v=APEucNUgT2gFQomBVER9SDtZlkg-3zplXW4Uj5QGOpOweqsQXHaPocQwXMjbp6h8V_KD8rjtw074XHUPm_t7u0ZRlAAkbW2DAM8OHrBY4gs41CHz5efoSZY87_6BIwv5iVY_K2rvd4n_OJjGvTqVRoL4LF-3AQQR3gGNafJh8gCiNHzYgFaTIAg

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:18 GMT
an-x-request-uuid: 8f9f2596-30f0-4abd-be94-9a1733285eab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.198; 80.255.10.198; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJ_2eWKNIqZSGEUL5dxLnLw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E70F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzMjE1NjUzNzIxMDYzNzE4Ng%3D%3D

170 B
243 B

22ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzMjE1NjUzNzIxMDYzNzE4Ng%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:18 GMT
an-x-request-uuid: 683a3f31-cd7a-4131-99a2-4cd9865960ac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzMjE1NjUzNzIxMDYzNzE4Ng%3D%3D
x-proxy-origin: 80.255.10.198; 80.255.10.198; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6003 0
0 47ms
47ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1BLuwE0FuaJ_yHmR1w0S5I32BTKgy11jffg_GUXCNJCh1FF6xBjPiNrGT9lQt9zvfawuttnzXI_DaaZbKZAj_0z4ye1Mll1RigLaDV-BDa7kROovCFr0LROG_wFPT8S_m8sgX_YiZGSU-5xueN7ieFtiK2Ez5MYOiBSyUN6ZS43aDqm0V1Z158TWZD74qUspbNLfTDWdlnGeky4PN5q21ht1FGrnhNPajBb3yrD6Qp-wFjLD0Wwi7M4ojLJZFocubZQy5jWKkcmkJOgRmdJi5tXi6gAvM6UZU59cMAiHCVwshaR1RZ5AbgRSHfFkvZYl0YEfZRgzFzCLRZFeAlNiSoz5i6fzWhIVS6eH__BjbD_Lv_ZfN0pmzLAun8bBj_5KPagVRpcHHgc2KN4L3x4lY-Vq4OPyOkQvM1xC68ilR1x2OLagKqgR1-wFznFjTIPjcwsC5Bo5CagN_8gnFdHayDsLoNSKm4VvGCFA2ru7JlPkS9ZMhxnbzUchX-YxsRsFjn2g8rvwZ049_BgWPXlblboBRTn_BoTFkE9xUwIO1a9QVU3YKCG3Gqm5B46VPOJ4oTfWKKKuryXBUB1AmeMsuISS9o4XyYUJBTqKbcM6zvi_5pT89K1HLhQfb1JypnvZyxk-2l652TGugB1Ym_-w6ZxPfBmxTF1cXQnMHKhQvymRKXlkSuyjt5BP9EBE8FCNjT_7fnPzQ1rVIFiaEDHWWCvnRPBYoDEFYxv9yITpp0fc-cwPe4UeLXnqolWY9195gPSiWx9GJP06KUxs0al91ENbK6bG9JAxRghR-f2TOBisUUjDmvhMlw0pG7dN_6-l83vw0JmFrwDCtSGVxm4D6ubmy5xqj_d2hrefVomVV7FDQN_YnJ2udsMsvrQeEYz5NlDeuA_E9ShUMd1Pdbe0RMs8hXv79WY4flRDtgnls4bUEaDHgWFLp-nIt8LL5wcieyH5uKVvRT5Ymg3b1pfYF4NnLTRrW2Dd_0Wri_PVDF8FiGr8UMVVyWfJHdr1JkPuDnuNXImpaJdxF6uALbWrYF98yi3CqOxIJTYsJJwI_1YRYZE6PrdSZSqOFhCVOEzI7vRBSVShBNZdce1EiC5Gk8C7_jNcANi6vARJf81-jN7cOpQOGgL-leYZS5h-8k8i8RFfHR8GTdyeRzqGRQm8AGjG2B1nvQ-j5itqQI3hTnjftJU6jveiqyAeiICvIxAIpBrY9GiTwiK9w495oO8PgVChwp6BRVCEw_-jGszPsv_MCsQmbf9o&sai=AMfl-YRebHUAmXaO4qTdRmUOn9uyNvDUi9pkYXfP1uEexTukrNMJQ4_Yi3cFt2D4oRCQkx2qxc0AgnhaQ68RlZhFRUx0Yjx3W6gZQ0VwGH9SVGzAHiYoZH0slIa4-vcGV8HOp5PGyXIb1lJPytXZmLeEUYxccECT4_QR9RJPzg-IBhS5dTA5k1588V-WMwvbrNA21RcjdTeu98rs6RqCbq-olOwuv7GhMQFR6GoQ8RiUrKU0VQnG5oNrOZdr&sig=Cg0ArKJSzHtXjyD3mzOkEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=146&vt=11&dtpt=144&dett=2&cstd=0&cisv=r20231004.44107&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: bambit.xyz
URL: https://bambit.xyz/instant/btc/?r=1exaDMoKy7ib5ewfrm7KWFok72b1AzAue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js Show response
pagead2.googlesyndication.com/bg/ Frame FC87 38 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:37:15 GMT

GET
H3 200 twk-chunk-2c78ba82.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 8 KB
3 KB 28ms
27ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-2c78ba82.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

474e5c9e830f5880b426a1fdb1cf3431f9d8d4e9d37798e6533d2c05aeb1240c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941504
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"298b9a84c80ec4290468c5363a5874cc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3ffb299267-FRA

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 18 KB
5 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2295689566dda4317f8b85878c0bc7f8225ed4b7030b721919fd97dd7ff24455

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941504
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"b6c6ad75eaaacd8a246d888f41b7257b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3ffb2c9267-FRA

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 11 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b34b5bf4923d49928661fca4b4b3ce11b919c677a75e5c3212499c5c6d461c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941504
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"57604156dedbf84066e419530249f57d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3ffb2d9267-FRA

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 689 B
673 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72deb01333692d6942fe77383825537b0dac6653af9b50312a53fdf3b31efa09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941504
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"a6432972b93f7d0476635e7ac224d718"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3ffb2e9267-FRA

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 19 KB
5 KB 21ms
21ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79dd531c5f91a1f17b61df5699793c86398596d4cc59ab2ea755055447fff10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941504
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"93a39d638484db9e64d39fd27cd99a61"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3ffb2f9267-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 906 B
662 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941504
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3ffb319267-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 535 B
575 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941504
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3ffb329267-FRA

GET
H3 200 twk-chunk-07cad36d.js Show response
embed.tawk.to/_s/v4/app/65040be8d34/js/ 93 KB
20 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-07cad36d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68bcbbae7c57a53b0f7ae2173d3a237a5e1c4d7cf2d93ca168a48579602a8226

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941504
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"296002b98d5ff229143022fe32e18c63"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d3ffb349267-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/65040be8d34/css/ Frame D847 24 KB
5 KB 16ms
15ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941503
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 15 Sep 2023 07:48:51 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d404b759267-FRA

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/65040be8d34/css/ Frame 2709 13 KB
3 KB 23ms
22ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941503
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 15 Sep 2023 07:48:50 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d405b7d9267-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/65040be8d34/css/ Frame 628A 37 KB
8 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f3004edce9989eb1410055c57772a2be9c7810ab5811261fff0487cd4645b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941503
cf-polished: origSize=38360
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 15 Sep 2023 07:48:50 GMT
server: cloudflare
etag: W/"03fb642386334234f457befc22111bea"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d406b8f9267-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/65040be8d34/css/ Frame B64C 73 KB
14 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65040be8d34/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0184fbee1d098b9d08dd83c0a45b9a053ccee598adf89615c3931c06dca09c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1941503
cf-polished: origSize=74869
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 15 Sep 2023 07:48:50 GMT
server: cloudflare
etag: W/"e403409940fa900260225b2e7b303010"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d409bbb9267-FRA

GET
H3 200 168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 2709 22 KB
6 KB 18ms
17ms Image
image/svg+xml 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1762428
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:19 GMT
server: cloudflare
etag: W/"f66e029841759471d2ec78b86760dca7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 81287d40abca9267-FRA

GET
H3 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 43ms
31ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bambit.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19651482
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230136-FRA, cache-yyz4541-YYZ
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5qSQqTD1ZXXmeOzRCpNvGrHxoNnvX8RAgTAMkVNms43LNlBakTQ2XJFEVHUUafeOrfRUjkTEAJ9sz7tE1ehklPni%2FCtIkvKckymmr395iCCFtEQKKFx83IgIDj92qsaG2qNWyvync0lU0vbQbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81287d40c96f1c19-FRA

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 2709 10 KB
11 KB 21ms
21ms Font
font/woff2 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/65040be8d34/css/bubble-widget.css
Origin: https://bambit.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 19:18:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 564
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 81287d40bb2535df-FRA

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC87 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bzhoa-q4hZdPQCeOYjuwPnL--6AgAAAAAOAHgBAI&bg=!enmleTbNAAYMG8UMLBs7ADQBe5WfOLHYocAaDItZIdPQ694XcsIL3Dxmc5KRNs3ZELKT1qVXYUsDS6MP03QhBHnE9Je_AgAAAIxSAAAABmgBB5kDIKenB5hVshBJ8a8iQWm87ovQJ6Y9wo_Q8cTAsMQNOX11cbcZrS3WHAG8TdHQ10TyK7nVWmj4nv_HrMkmO5gTsxL-6k1PQA7GwUWyHgzEEAaPyrx8MswzKec5tVg_561ooSeLVMXWuwEvBkWDkbXZxBoEi-cyfuCEWhbPjag_mR6ZZ8lEjPCI-iNLhY1pVOCYvyG8RnMEcL8qWJAIFmwuHODygxYpE0IBT3BJMrd-OuEgUjVaw9T7Vu8A95LONsNVTIKUMYVzCsFBySyEkzAGXCBbwI4ysxs6Wk35BRZQ1PGzkpFbzY7-IZqzk62ldlCut5jsbCyz6e_pET_TLQdkCycikc7gnwbTj-YgD98Qho3HWsmyPSLMDB1wfhyhI_6Ib0Jo08YK5K4fs3zL_EKLoJ0iCtIF8wpQCKDKPdvrGjYB0t6fFuAic9iLbnSq1M5CeMLLlVCAog8UP6xrC0F2oiQoA3AQNwaeGILLUdtibixwZ8a4pDHaBtzFrWCoRV-MNafpTSLAR8_WzsQxf1uF3HOb_D-2CspOfSN7uSag72T89QdCVypEn0Wtc8v7uy8uEjFxcb8z2yjTCiifnDiHgmNN9WeuspDExw4qGFP1IY_i0V8JXV_2QABfjPzUsl3xGEv7JqLjVLgwkfBavObUKMTMvmWpMZpbH9Ney-rPZ-3cy_u6XF666h-P-PoR-M3LIBexNrAgPbgPuhOeG-0hi56V74vg2VzJGQ27wp0puBdNIoZr9yVFxP8DpGjMTkr0ok_vSUleDunXf4v1me_OwJU3x8p8SL9tL3OFdA4LoS8XIk3i5C_R2zBeN_i0u1onBnmniGnUTLkp59fk88fK0yceRL4Vkk5tOQ_MiN2k8LnC0XabgGjdoyDDzo5tnSnKyg_Et_qM3gDSDpMAaaEzy35dJvvrfzVl8Kmqd4wdPnkJ8GDxZl6Lhu4DpfMXOy86UJb6MyTugVXfBxa9Gd29MQ9NpaunUXejr6J28OoL5jYm0t4-T6byKxoIQlqkxB_m9Fcp-2990Rxk6DhV39GyfuU9GBUNbesod_lLS60pqlsT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8634 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=3653807353019524&bg=!-_il-LfNAAbjlzx0w5c7ADQBe5WfOOdNKYr21SY8G84n_0XlDBR0Yr6XK1HsoH6KkiUBiw01hqxmKK-OsuW1AIllFKooAgAAAPJSAAAAC2gBBwoAS6dsKFVmk7sWkDrp8_ngqPY-oa4cRCG7hx8eaIjSKjvMrjxEc9qA0zHk_N3hfDaLBOkXthP-9X2N0go3qoFtQOBsV1WOGgQQmxBvxJkC4bK8BEqvio_XtJgOr1h0LUUZW7MbWdqIRLuZQSmjxZsvEC-WLj8aFQeT7QcYgqU1QYbB29duYUMdkC9FxCCn6SCfbXVUVR9xOGHnlkGoiTkiwDZtpsyiqw8025cGi7UlAxVWHLx7CyWvEfTpiSMlKQuqQuPIiAFQUSoH9ERCSeifunF3EXQm5EKa_sSK3d47nbL2WW7lEM-F43v8GEVwhE9u1qj1-M_7cSqiG2bUCJ1QuZ68XtJlePcZf3EtbfoenlRczdrn81bKpNh_0aWrHQbXnUF7xo_ORcb7RMjx6Yq6N4ak0GvtOSUeO5TWsdBb6PnG1P12nm585N6brykFTNurU-AMhtswbVOpx0FMHGsZroP-cfNRcUdOXj_zyRhtJJTZtJrZW1iVes51TOoSZD1NTSiPEL0ZjzcZDEJ116sNG_e5KBHBbsl-2FqSkQ-7zE2TOvgLS_67rZzly9IVsicQ6aw6YsvI7eI-gR6Hd5R8uCGJjRExI6P8rO53yzn2qiT3zUNiuxpyR-OiTmwaS7TENKJ3LfPRxldbOSH88wa-rQ91q2wM3bby59krkg9_ve1RIUBYGoSWqzYJfVGx-rqwCFRQPi8CzBMYI2pDtUr_fnwsBAOg3gePQ1udXvlw6mehgSztFSkQnYhAv_H8aYqImIx0-5-rT-mA3t_QZxA3PcO3N32Km-frjbC_puyex_m4Wtrd4b5Z7uBXkqo4oFJYvwTLnCsKF1tZThuYUqcc_JrQLLJyj83RyyoGWEwvN158vthB4Aq5eXV3tdLxLZwnM3e8YL0W9DTft6oBRhKTcnafbYq5tNvNwusaCkQZw8eDuMW8i82WRwWBQJ19ZuJ4yMCu3wImVJMxtPCtphPPrN4r8ysvmvtkwxFxei8L1B7wVBc0cHLCMKL4AokgC2OIBZF7fRctjJnLQiN0UZKHYFg4qQXC2HcVct6VHJ65y613J592rP8UbpbhnlVhSbn3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exactpay.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 140ms
139ms Preflight 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bambit.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bambit.xyz
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81287d432e6035df-FRA
date: Sat, 07 Oct 2023 19:18:19 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-9fr8

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
258 B 142ms
142ms Fetch
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65040be8d34/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bambit.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 07 Oct 2023 19:18:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bambit.xyz
access-control-allow-credentials: true
cf-ray: 81287d440f8635df-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-jvng

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6003 42 B
174 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuguxZrDoDEKbboqA9Jy8iFa0hxNKmWZTr5Mi-xgo8MHlqRFE7xe6Hn-wmDPkW_z8rHE9U04sE8xqGGL40cg6LZSITh1XoF6S01Nh5pN3l-KbrDgGC14WBEvqXEi898VpVbE3xJfUAiEzSu&sai=AMfl-YRumC9V4fRFO1o4pcvJeEFBKOedpFs8I3T1t0OAL5QFF7bIh7EKjfHF7HbjW6xGTeoiZ1EcoBSgBxrn&sig=Cg0ArKJSzDXnug_HpaJjEAE&cid=CAQSGwDICaaNyIA6P1SgE7EYUniQe8Ie5McVTEUNlxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&vu=1&app=0&itpl=20&adk=246353599&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696706298645&rpt=167&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 19:18:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bambit.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 641896654a9e9081895119045d10e19e
.bambit.xyz/	1970-01-21 00:54:26	Name: _ga_JD9ZD4BTJ7 Value: GS1.1.1696706297.1.0.1696706297.0.0.0
.bambit.xyz/	1970-01-21 00:54:26	Name: _ga Value: GA1.1.1499587473.1696706297
bambit.xyz/	1970-01-21 00:04:02	Name: HstCfa4803420 Value: 1696706297221
bambit.xyz/	1970-01-21 00:04:02	Name: HstCla4803420 Value: 1696706297221
bambit.xyz/	1970-01-21 00:04:02	Name: HstCmu4803420 Value: 1696706297221
bambit.xyz/	1970-01-21 00:04:02	Name: HstPn4803420 Value: 1
bambit.xyz/	1970-01-21 00:04:02	Name: HstPt4803420 Value: 1
bambit.xyz/	1970-01-21 00:04:02	Name: HstCnv4803420 Value: 1
bambit.xyz/	1970-01-21 00:04:02	Name: HstCns4803420 Value: 1
bambit.xyz/	1969-12-31 23:59:59	Name: twk_idm_key Value: b1MtBHF7B3RUt-ZAxtywY
.doubleclick.net/	1970-01-21 00:40:02	Name: IDE Value: AHWqTUmtG8voJR-v14vYK7a8UVyFgB0Y-aW4yZ3gAYzSkFWFKNwDC8pNy4KbGOxKgeY
bambit.xyz/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.bambit.xyz/	1970-01-20 19:37:38	Name: twk_uuid_6503826a0f2b18434fd89910 Value: %7B%22uuid%22%3A%221.1hH81bwt75WgJxm1spacPdWlGbYbQGLjaChb47EoJFWs0Pf2pDknwfJM8I64LTZMELFVhVJ0bxKagRWE7GUm5xdsYnzi4n6CJlaz336Cg4yAK3Sxs0K%22%2C%22version%22%3A3%2C%22domain%22%3A%22bambit.xyz%22%2C%22ts%22%3A1696706298875%7D
.adnxs.com/	1970-01-20 17:28:02	Name: uuid2 Value: 1432156537210637186
.casalemedia.com/	1970-01-20 17:28:02	Name: CMPS Value: 5209
.casalemedia.com/	1970-01-21 00:04:02	Name: CMID Value: ZSGu.pFCFn4yVJKgjggVEAAA
.casalemedia.com/	1970-01-20 17:28:02	Name: CMPRO Value: 1213
.adnxs.com/	1970-01-20 17:28:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlbKSLm!!@wnfH8K6pQK`!5=E<L5?%K3mG<>l]!5`1gRU:jEoHFdG-`0BnA8n`_y^E%nugO%v4VB%nnwL*9W]y

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e3c7bcea53d5a1af576d297cba8ba63.safeframe.googlesyndication.com
ad.a-ads.com
bambit.xyz
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
cryptocoinsad.com
dsum-sec.casalemedia.com
embed.tawk.to
exactpay.online
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.a-ads.com
tpc.googlesyndication.com
va.tawk.to
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.27.193
142.250.186.34
142.250.186.98
142.4.219.198
162.0.209.150
192.110.165.154
2001:4860:4802:32::36
213.239.205.245
2606:4700:10::6814:91f
2606:4700:10::6816:1983
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:801::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a04:4e42:400::649
2a06:98c1:3121::3
37.252.171.149
00270d132e58fc0ad583c640017c6fa07d7685c9b3eed53ff440c558e69ebbd9
0184fbee1d098b9d08dd83c0a45b9a053ccee598adf89615c3931c06dca09c39
075a7127c19f3c3e175761cb17e7101c06845a0a6f009dac9f9e439ff71cdb8a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be4ed3ca4c273c02bc33e0dab7a5dc320af47ab7e19668d8f3de24d882242c1
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0dec29b3b4c5ee4344221982c0ea7b3e5b672bb4c7e77f41461eb9eea591b30a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
16565bc98811d4744eb0169ae5cb623c2203a4a185378414ef6932fd4c571ba3
17172ed6d8f653456df89c8aac458a1fb0b722640265ee90175b1004ecca1213
1a49e5406d54cf32d4a278fd268ee506a99e6277aa700e13dbf2fcdedf776c10
1eb80f196f390a7a014dc31138862457b5986a3e47bf9a7288571a2a466be498
2295689566dda4317f8b85878c0bc7f8225ed4b7030b721919fd97dd7ff24455
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3406fb339d2d7f2b28d01359fc7a7fcb504da4e487e9077dbfd504e589794d11
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474e5c9e830f5880b426a1fdb1cf3431f9d8d4e9d37798e6533d2c05aeb1240c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59a8ed4238390c6e34e906cab2ebe6f3cfa19b484db3a601d414cc2d3c18b728
5e0b63844d6172cbaa9c34d660acae9dce096bb9ad6ee3812b43e814dcf4f61b
5ef1c0033184fc3d9927468f3e3fcf00bdef6607fef645c9d4d80e0cd6c17ee0
603799164096822f17564e42267b4af37947617b00114c466457f817311d2507
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
68bcbbae7c57a53b0f7ae2173d3a237a5e1c4d7cf2d93ca168a48579602a8226
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
72deb01333692d6942fe77383825537b0dac6653af9b50312a53fdf3b31efa09
73b34b5bf4923d49928661fca4b4b3ce11b919c677a75e5c3212499c5c6d461c
75997486ced2a1c90180df36d0e45032930ae4ac05cddaabcfd04f13c79f06e7
7667d41929dbee536024b3381aa9e72c4c711d03c5c75fdf227a0537483bbf99
7750ad654fff4678324af16f6848f593c1a38a9be573012ed371504e1d0aa75a
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79dd531c5f91a1f17b61df5699793c86398596d4cc59ab2ea755055447fff10c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
82087e4f2f5dc301f639f9771cdb1acbee6e29b8d3f7e43f312cb29e6ee2dcde
85338e66d3a63bb6cf1ec3ba9d057a9772aaa355b5261e47a11c3bbcaa63cb8b
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8b545e4acaf134138790eaea12edb29d46f54602cd8d82dcdca8aff52e830e3d
8f12775ecd54da7f90a737884a205f949eef3493766e516e2c0ebdecea30bc20
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
94c43703f88a9e6896620b095335e3a70492a2a5bb415048e106d278f38e535f
94c544feaed1beea61d659d5595f59b89880091732515f9d028e5f0300683d65
96d937266e197db610a6e47e75f3afe063b0795eb0559104696e89bf74c538cb
98f3004edce9989eb1410055c57772a2be9c7810ab5811261fff0487cd4645b4
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9b4fdb2e5c9bd367f9a31f363c9ed2ba5670818161e146ef9dface16dca71722
9fdbc1af69060f7ac95a881a27e223b145f52141ea57222a23eda8a2df6a7d9d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2b5298695dd08a5ac6f7df92d8001910b3df9d66045e7bc3251226a3bbd02a7
ae8733fbaff642fc86c871273af6a0430ca67d764e4169c5a38c6fd66fbf8169
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828
b200026b628b30351088be1208c8020ee2d78f9d15da74174be92bd830364e7e
b4aad5a1e4471706de1df9b551ded493452695a8607def30a5ee65e5d83af116
b5b9cb0cf924dc9eaa38ed4cdbcef009270ca7a8d1ec26d1dea66a70a8737f92
bd1c4ac14764c89508c9832e43b2a10dc89bebee42c9b0a76ad90443f41eecda
bf2971fed2be2f47a0d7d0e48e0e0937690a7ae2afe740e452ded692a4eef189
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
dbcf008c0d14602287aacc484727d63fe076217f0ed244c228ee96005aaa75d5
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e1ab8ff845dd76b002a0108d0889959de13c4134717050c12bffeed116b0f314
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ed8a54f7aa3d9392d73838bd3cfc83fe36e5930ee1db63a9427359b8a583f111
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c1a45cc525d2d5fd64edbb13d78f028914d6d444b01a036b9c7992a074b400
f3ae53394e82e5603ef39976465998744a7ff47bec15807c1c1618ea63326bb2
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9237af27c15bed69d92e5080818d836b96065c34a182a6e23b06bcc6901a991
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fc8116624ca13ea4125db423b0f4bf7cd676ec017003da5be04f40b83e1b2cb6

bambit.xyz Open in urlscan Pro 192.110.165.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

96 %HTTPS

71 %IPv6

21 Domains

30 Subdomains

29 IPs

4 Countries

3758 kBTransfer

6993 kBSize

19 Cookies

2 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bambit.xyz Open in urlscan Pro
192.110.165.154 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

96 %
HTTPS

71 %
IPv6

21
Domains

30
Subdomains

29
IPs

4
Countries

3758 kB
Transfer

6993 kB
Size

19
Cookies

107 HTTP transactions
8 data transactions