gemidar.xyz Open in urlscan Pro
172.67.222.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.earn-money.offcx.cloud/
Effective URL:
https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8...
Submission: On May 05 via automatic, source certstream-suspicious (May 5th 2024, 5:19:56 pm UTC) — Scanned from SG

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 53 HTTP transactions. The main IP is 172.67.222.144, located in United States and belongs to CLOUDFLARENET, US. The main domain is gemidar.xyz.
TLS certificate: Issued by E1 on April 12th 2024. Valid for: 3 months.

This is the only time gemidar.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2400:8901::f0... 2400:8901::f03c:93ff:feca:97b3	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2606:4700:10:... 2606:4700:10::6814:4373	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.130 149.56.240.130	16276 (OVH) (OVH)
1 2	52.76.104.211 52.76.104.211	16509 (AMAZON-02) (AMAZON-02)
1 1	172.67.134.228 172.67.134.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.91.144 34.91.91.144	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	172.67.222.144 172.67.222.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	6

1 2400:8901::f03c:93ff:feca:97b3 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

www.earn-money.offcx.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4373 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.130 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534298.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.76.104.211 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-104-211.ap-southeast-1.compute.amazonaws.com

trk.allsportspass.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.134.228 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trk2.magixflix.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.91.144 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 144.91.91.34.bc.googleusercontent.com

to.tracking-zy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.222.144 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gemidar.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gemidar.xyz 1 redirects gemidar.xyz	26 KB
2	allsportspass.club 1 redirects trk.allsportspass.club	2 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 13913 s4.histats.com — Cisco Umbrella Rank: 13947	5 KB
1	tracking-zy.com 1 redirects to.tracking-zy.com	428 B
1	magixflix.club 1 redirects trk2.magixflix.club	501 B
1	offcx.cloud www.earn-money.offcx.cloud	929 B
0	cloudflare.com Failed cdnjs.cloudflare.com Failed
0	dtscout.com Failed e.dtscout.com Failed
53	8

	Domain	Requested by
5	gemidar.xyz	1 redirects trk.allsportspass.club gemidar.xyz
2	trk.allsportspass.club	1 redirects www.earn-money.offcx.cloud
1	to.tracking-zy.com	1 redirects
1	trk2.magixflix.club	1 redirects
1	s4.histats.com	s10.histats.com
1	s10.histats.com	www.earn-money.offcx.cloud
1	www.earn-money.offcx.cloud
0	cdnjs.cloudflare.com Failed	gemidar.xyz
0	e.dtscout.com Failed	s4.histats.com
53	9

This site contains no links.

Subject Issuer	Validity	Valid
www.earn-money.offcx.cloud R3	`2024-05-05` - `2024-08-03`	3 months	crt.sh
s10.histats.com E1	`2024-04-11` - `2024-07-10`	3 months	crt.sh
histats.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
trk.allsportspass.club R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
gemidar.xyz E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=
Frame ID: 4D714B891328885290912068568573FA
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.earn-money.offcx.cloud/ Page URL
https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de?q=register%20to%20earn%20money&sub1=Elvan HTTP 307
https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/2?q=register%20to%20earn%20money&sub1=E... Page URL
https://trk2.magixflix.club/?site=https:%2F%2Fto.tracking-zy.com%2Fclick%3Fpid%3D80%26offer_id%3D455%26r... HTTP 302
https://to.tracking-zy.com/click?pid=80&offer_id=455&ref_id=wo9pmia9a80ec1313mbbi906&sub1=646bb149-802d... HTTP 302
https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8d... HTTP 302
https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8d... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

53
Requests

15 %
HTTPS

29 %
IPv6

8
Domains

9
Subdomains

6
IPs

4
Countries

33 kB
Transfer

123 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.earn-money.offcx.cloud/ Page URL
https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de?q=register%20to%20earn%20money&sub1=Elvan HTTP 307
https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/2?q=register%20to%20earn%20money&sub1=Elvan Page URL
https://trk2.magixflix.club/?site=https:%2F%2Fto.tracking-zy.com%2Fclick%3Fpid%3D80%26offer_id%3D455%26ref_id%3Dwo9pmia9a80ec1313mbbi906%26sub1%3D646bb149-802d-4e88-bec1-ad795e50b8de_ HTTP 302
https://to.tracking-zy.com/click?pid=80&offer_id=455&ref_id=wo9pmia9a80ec1313mbbi906&sub1=646bb149-802d-4e88-bec1-ad795e50b8de_ HTTP 302
https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&reqi=209.58.162.239&rand=784044b6-53cb-4eda-9714-e6184a2dd6e4&random=1714929593&lp=streaming_3_mo&m= HTTP 302
https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de?q=register%20to%20earn%20money&sub1=Elvan HTTP 307
https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/2?q=register%20to%20earn%20money&sub1=Elvan

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.earn-money.offcx.cloud/ 1 KB
929 B 201ms
29ms Document
text/html 2400:8901::f03c:93ff:feca:97b3
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.earn-money.offcx.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2400:8901::f03c:93ff:feca:97b3 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

DomaiNesia /

Resource Hash

a8737f9300e46368044dcee94861252c91432dab086189fb45eac3362a077856

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 05 May 2024 17:19:51 GMT
dn-request-id: 50aeb21f6812d5bc7596dc061d8fd29c
dynamic-cache-status: MISS
server: DomaiNesia
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 49ms
17ms Script
text/javascript 2606:4700:10::6814:4373
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.earn-money.offcx.cloud
URL: https://www.earn-money.offcx.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.earn-money.offcx.cloud/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 17:19:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 3068
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 87f265d8fc043de1-SIN
content-length: 4547

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 426 B
561 B 754ms
248ms Script
text/html 149.56.240.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4853395&@f16&@g1&@h1&@i1&@j1714929591217&@k0&@l1&@mELVAN&@n0&@o1000&@q0&@r0&@s0&@tzh-SG&@u1600&@b1:-125985141&@b3:1714929591&@b4:js15_as.js&@b5:480&@a-_0.2.1&@vhttps%3A%2F%2Fwww.earn-money.offcx.cloud%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.130 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534298.ip-149-56-240.net
Software: /
Resource Hash: d306aecb03484ed1bdffefe121ef5e69275e9bf6a1c8050c92c056f3412acdbe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.earn-money.offcx.cloud/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 05 May 2024 17:20:05 GMT
Connection: close
Content-Length: 426
Content-Type: text/html;charset=UTF-8

GET /
e.dtscout.com/e/ 0
0

GET
H2

200

2 Show response
trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/
Redirect Chain

https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de?q=register%20to%20earn%20money&sub1=Elvan
https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/2?q=register%20to%20earn%20money&sub1=Elvan

704 B
1 KB

268ms
267ms

Document
text/html

52.76.104.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/2?q=register%20to%20earn%20money&sub1=Elvan
Requested by: Host: www.earn-money.offcx.cloud
URL: https://www.earn-money.offcx.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.76.104.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-104-211.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 125681e9d1f4161e36ccf824f0fca7459dbf55c8c9b41cc1180565c0bf376a25

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://www.earn-money.offcx.cloud/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 704
content-type: text/html;charset=UTF-8
date: Sun, 05 May 2024 17:19:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

Redirect headers

accept-ch: sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-full-version-list,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Sun, 05 May 2024 17:19:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/2?q=register%20to%20earn%20money&sub1=Elvan
pragma: no-cache
server: nginx

GET
H3

200

Primary Request index.php
gemidar.xyz/streaming/3/cc/
Redirect Chain

https://trk2.magixflix.club/?site=https:%2F%2Fto.tracking-zy.com%2Fclick%3Fpid%3D80%26offer_id%3D455%26ref_id%3Dwo9pmia9a80ec1313mbbi906%26sub1%3D646bb149-802d-4e88-bec1-ad795e50b8de_
https://to.tracking-zy.com/click?pid=80&offer_id=455&ref_id=wo9pmia9a80ec1313mbbi906&sub1=646bb149-802d-4e88-bec1-ad795e50b8de_
https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&reqi=209.58.162.239&rand=784044b6-53cb-4eda-9714-e6184a2dd6e4&random...
https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=

83 KB
0

1627ms
1627ms

Document
text/html

172.67.222.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=

Requested by

Host: trk.allsportspass.club
URL: https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/2?q=register%20to%20earn%20money&sub1=Elvan

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.222.144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Referer: https://trk.allsportspass.club/646bb149-802d-4e88-bec1-ad795e50b8de/2?q=register%20to%20earn%20money&sub1=Elvan
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87f265ed1bf95ff3-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 05 May 2024 17:19:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C8ydBDfF5SM7mbSphDpkItrF40zzdqebI5Dg6JJNzMV41mptZfO4nM8vg%2FlujtNkFJbT%2BaNl7CzGquI8JNxjcb%2F4cB5%2BglHl9y6Lu59WLyD2x24qB5Y%2FrPYaJnr44Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PHP/8.1.27
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87f265e76c585ff3-SIN
content-type: text/html; charset=UTF-8
date: Sun, 05 May 2024 17:19:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3OmDpN97KQcjcaFp0LiB2DUEug4be0qyCzjLqRW1MXBQ8MH9d9LQNQb0swnmMTtFXVw%2BIqypBqFyXpvuusuRTglMiXW5aTHDdL4XFcQmvsbcnYOQ3BckCycl%2BxLvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-powered-by: PHP/8.1.27
x-xss-protection: 1; mode=block

GET bootstrap.min.css
gemidar.xyz/streaming/3/cc/css/ 0
0

GET
H3 200 css2.css
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 3 KB
924 B 16ms
12ms Stylesheet
text/css 172.67.222.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/css2.css

Requested by

Host: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.222.144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 17:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43442
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 May 2024 12:38:35 GMT
server: cloudflare
etag: W/"6633894b-b28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTINI5r1tf9EQ6833rViU7hiowDlIF0XCvYimhkjSUtzfb1a5C%2FZJUReGKeIr3p67tc32tpF2jqWYaI8is8Pmwv1h6NoahnbOrc%2BDBQ0pO5kURthKFpzE1KVHP%2F53A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 87f265f77b555ff3-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET styles.css
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET styles.css
gemidar.xyz/streaming/3/cc/css/ 0
0

GET siempre.css
gemidar.xyz/streaming/3/cc/css/ 0
0

GET jquery-2.2.4.min.js
gemidar.xyz/shared/js/ 0
0

GET bootstrap.min-4.1.1.js
gemidar.xyz/shared/js/ 0
0

GET
H3 200 logo.png
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 6 KB
6 KB 35ms
32ms Image
image/png 172.67.222.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/logo.png

Requested by

Host: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.222.144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 17:19:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2003469
alt-svc: h3=":443"; ma=86400
content-length: 5708
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Apr 2024 12:28:41 GMT
server: cloudflare
etag: "661928f9-164c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=17Pkub%2BY5jpRtvTKXez75iz0L33WWTuPNvx%2F4GTTEdX4pePaY%2BaYTWb1wgmpEg4YJ%2F25FVjR8EzdGqmGPEM8z5M%2BLfEVT4lipwjjQEbVQ%2FIWy8EY0RQQ4EV63nA0Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 87f265f77b605ff3-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 loading.gif
gemidar.xyz/shared/images/ 18 KB
18 KB 20ms
17ms Image
image/gif 172.67.222.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemidar.xyz/shared/images/loading.gif

Requested by

Host: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.222.144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://gemidar.xyz/streaming/3/cc/index.php?affiliate_id=80_646bb149-802d-4e88-bec1-ad795e50b8de__&cid=6637bfb9c6e8f800019ad5ba&lp=streaming_3_mo&m=
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 05 May 2024 17:19:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2003469
alt-svc: h3=":443"; ma=86400
content-length: 18090
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Apr 2024 12:28:40 GMT
server: cloudflare
etag: "661928f8-46aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ft9K%2FiNcgcVSnpbRs1UF62mXOoHJkpTBrwYouP1mqROM96wBdWoWg6VFGPP74PHT5wd%2F3bKBbRUZ5she2my3uTDKnUOZmJ8yNPrF2wm%2Fp0ZxbqxeEAzE1HUdjTLhYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 87f265f77b615ff3-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET button.png
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET visa.png
gemidar.xyz/streaming/3/cc/img/ 0
0

GET visa-master-cvv.png
gemidar.xyz/shared/images/ 0
0

GET star.svg
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET star-half.svg
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET flag_zh.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_ar.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_bg.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_cs.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_da.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_de.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_el.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_en.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_es.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_fi.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_fr.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_he.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_hr.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_hu.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_it.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_ja.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_ms.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_nb.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_nl.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_pl.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_pt.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_ro.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_ru.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_sv.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET flag_tr.png
gemidar.xyz/streaming/3/cc/files/ 0
0

GET watching.jpg
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET devices.jpg
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET tv.png
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET computer.png
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET mobile.png
gemidar.xyz/streaming/3/cc/UltraFLIX5_files/ 0
0

GET main.js
gemidar.xyz/streaming/3/cc/ 0
0

GET imask.min.js
cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/ 0
0

GET card_mask.js
gemidar.xyz/shared/geo/en/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.earn-money.offcx.cloud%2F&j=

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/css/bootstrap.min.css

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/styles.css

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/css/styles.css

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/css/siempre.css

Domain: gemidar.xyz
URL: https://gemidar.xyz/shared/js/jquery-2.2.4.min.js

Domain: gemidar.xyz
URL: https://gemidar.xyz/shared/js/bootstrap.min-4.1.1.js

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/button.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/img/visa.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/shared/images/visa-master-cvv.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/star.svg

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/star-half.svg

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_zh.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_ar.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_bg.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_cs.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_da.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_de.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_el.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_en.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_es.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_fi.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_fr.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_he.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_hr.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_hu.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_it.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_ja.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_ms.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_nb.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_nl.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_pl.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_pt.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_ro.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_ru.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_sv.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/files/flag_tr.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/watching.jpg

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/devices.jpg

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/tv.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/computer.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/UltraFLIX5_files/mobile.png

Domain: gemidar.xyz
URL: https://gemidar.xyz/streaming/3/cc/main.js?1714929595

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js

Domain: gemidar.xyz
URL: https://gemidar.xyz/shared/geo/en/card_mask.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.earn-money.offcx.cloud/	1970-01-21 05:07:45	Name: HstCfa4853395 Value: 1714929591217
www.earn-money.offcx.cloud/	1970-01-21 05:07:45	Name: HstCla4853395 Value: 1714929591217
www.earn-money.offcx.cloud/	1970-01-21 05:07:45	Name: HstCmu4853395 Value: 1714929591217
www.earn-money.offcx.cloud/	1970-01-21 05:07:45	Name: HstPn4853395 Value: 1
www.earn-money.offcx.cloud/	1970-01-21 05:07:45	Name: HstPt4853395 Value: 1
www.earn-money.offcx.cloud/	1970-01-21 05:07:45	Name: HstCnv4853395 Value: 1
www.earn-money.offcx.cloud/	1970-01-21 05:07:45	Name: HstCns4853395 Value: 1
.dtscout.com/	1970-01-20 20:22:14	Name: m Value: 1
.dtscout.com/	1970-01-20 20:22:23	Name: oa Value: 1
.dtscout.com/	1970-01-20 22:46:09	Name: df Value: 1714929592
.dtscout.com/	1970-01-20 22:30:19	Name: l Value: 6D0017149295927939B80E127A3FBAA1
.trk.allsportspass.club/	1970-01-20 20:23:35	Name: 646bb149-802d-4e88-bec1-ad795e50b8de-v4 Value: 8RMa80UMH0MwxMP3yx1zoJdCTmtgmJ-DHBbOh6Ojb3o
.trk.allsportspass.club/	1970-01-21 05:07:45	Name: cc-v4 Value: lBkaiMgC8O%2BCiRoOypiTJ6TxBY%2BeIqLgmjqLOaC5sLfsU88KgxjX3mq8yrHBoYpeZhNTely9Xi1l%2FJMJTe7by%2BqHQL1zTX0b5Ma7mS%2FirjviP6vqihk06oUWJXBxa1wVqx1mwaRX%2BOV5bsG9uJeYcQ%3D%3D
to.tracking-zy.com/	1970-01-21 05:07:45	Name: afclick Value: 6637bfb9c6e8f800019ad5ba
to.tracking-zy.com/	1970-01-21 05:07:45	Name: afoffers Value: {"455":1714929593}
gemidar.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: lpoark333qb274dal51fjgbhbi

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.earn-money.offcx.cloud/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.earn-money.offcx.cloud/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.earn-money.offcx.cloud/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.earn-money.offcx.cloud/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
e.dtscout.com
gemidar.xyz
s10.histats.com
s4.histats.com
to.tracking-zy.com
trk.allsportspass.club
trk2.magixflix.club
www.earn-money.offcx.cloud
cdnjs.cloudflare.com
e.dtscout.com
gemidar.xyz
149.56.240.130
172.67.134.228
172.67.222.144
2400:8901::f03c:93ff:feca:97b3
2606:4700:10::6814:4373
34.91.91.144
52.76.104.211
125681e9d1f4161e36ccf824f0fca7459dbf55c8c9b41cc1180565c0bf376a25
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
a8737f9300e46368044dcee94861252c91432dab086189fb45eac3362a077856
d306aecb03484ed1bdffefe121ef5e69275e9bf6a1c8050c92c056f3412acdbe

gemidar.xyz Open in urlscan Pro 172.67.222.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

15 %HTTPS

29 %IPv6

8 Domains

9 Subdomains

6 IPs

4 Countries

33 kBTransfer

123 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

16 Cookies

4 Console Messages

Security Headers

Indicators

gemidar.xyz Open in urlscan Pro
172.67.222.144 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

15 %
HTTPS

29 %
IPv6

8
Domains

9
Subdomains

6
IPs

4
Countries

33 kB
Transfer

123 kB
Size

16
Cookies

53 HTTP transactions
0 data transactions