9xbuddy.org Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://9xbuddy.com/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
Effective URL:
https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
Submission: On April 14 via api (April 14th 2022, 8:35:55 am UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is 9xbuddy.org. The Cisco Umbrella rank of the primary domain is 731277.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time 9xbuddy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3038::6815:eb51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.109.87.248 23.109.87.248	7979 (SERVERS-COM) (SERVERS-COM)
21	4

1 2606:4700:3038::6815:eb51 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

9xbuddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

9xbuddy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ab.9xbud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.109.87.248 (Netherlands)

ASN7979 (SERVERS-COM, US)

baffledzein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	9xbuddy.org 9xbuddy.org — Cisco Umbrella Rank: 731277	159 KB
4	9xbud.com ab.9xbud.com — Cisco Umbrella Rank: 721668	4 KB
3	baffledzein.com baffledzein.com	2 KB
1	9xbuddy.com 1 redirects 9xbuddy.com	634 B
21	4

	Domain	Requested by
13	9xbuddy.org	9xbuddy.org
4	ab.9xbud.com	9xbuddy.org
3	baffledzein.com	9xbuddy.org
1	9xbuddy.com	1 redirects
21	4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
vk.com
9xbud.com
pr864b6.9xbud.com
fvs.io
123sudo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
baffledzein.com R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
Frame ID: F1B4DFDF216B1CEEEF98E705E9214059
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

4-6p2cz68kymwz5 Video

Page URL History Show full URLs

https://9xbuddy.com/process?url=https://lajkema.com/v/4-6p2cz68kymwz5 HTTP 301
https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5 Page URL

Page Statistics

21
Requests

95 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

165 kB
Transfer

488 kB
Size

3
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
Title: Share On Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2F9xbuddy.org%2Fprocess%3Furl%3Dhttps%3A%2F%2Flajkema.com%2Fv%2F4-6p2cz68kymwz5
Title: Tweet @ Twitter

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2F9xbuddy.org%2Fprocess%3Furl%3Dhttps%3A%2F%2Flajkema.com%2Fv%2F4-6p2cz68kymwz5
Title: Share On VK

Search URL Search Domain Scan URL

URL: https://9xbud.com/https://lajkema.com/v/4-6p2cz68kymwz5
Title: 9xbud.com/https://lajkema.com/v/4-6p2cz68kymwz5

Search URL Search Domain Scan URL

URL: https://pr864b6.9xbud.com/down/aHR0cHM6Ly9mdnMuaW8vcmVkaXJlY3Rvcj90b2tlbj1iakZUWkVkSFJGaG1TVVIzTlUxeldXSjZZbE40TUdGeFVuUkxRbTVNYzFkdU1rdDZSMXBpUWsxeWMxVjROM1Z4Y1VVelVWZEhXVVozVkV0Q1ExTmFLMW96WTJkaVJ5OHhla3RzUjBWUmJHSmpSMnBVWkhGSFNGWjJhbUZvWm5kTVpsaFJTMWQ0UVZoNFFYbEljbEJ0Y2tWSk9GSllVM1JVT0hkemRtOHdlRVZtUkdwcWJrNUJSREpPYmxKd1lqUjJVa2h3WTJ0NVpqaFBiQzlXV0d4TFZraDNQVDA2Wldsb2RXb3ZSWEJYWVhwMU1tOWtRVEptVW1kRFVUMDkzS05X/4bda5a519340a995915dcab627d5667e-1649939749?customName=4-6p2cz68kymwz5%20Video_480p
Title: Download Now

Search URL Search Domain Scan URL

URL: https://fvs.io/redirector?token=bjFTZEdHRFhmSUR3NU1zWWJ6YlN4MGFxUnRLQm5Mc1duMkt6R1piQk1yc1V4N3VxcUUzUVdHWUZ3VEtCQ1NaK1ozY2diRy8xektsR0VRbGJjR2pUZHFHSFZ2amFoZndMZlhRS1d4QVh4QXlIclBtckVJOFJYU3RUOHdzdm8weEVmRGpqbk5BRDJOblJwYjR2UkhwY2t5ZjhPbC9WWGxLVkh3PT06ZWlodWovRXBXYXp1Mm9kQTJmUmdDUT093KNW
Title: Download Now

Search URL Search Domain Scan URL

URL: https://pr864b6.9xbud.com/down/aHR0cHM6Ly9mdnMuaW8vcmVkaXJlY3Rvcj90b2tlbj1aMk53VW1ncmF5OVNkM1ZYVHpKMGEyeFhWVzlqVDJwUFUzWjVOVFZCZHpCdmJETkRWa3RZY1hVeWJWRkRlbFpLVm13eE56QTNiVVZPVFZwaGQweDFMemM1Vmt4cVYwRmFVbmxqZVZKcmNqVTBjbWRYWXpabFQxTlNNVVJsUkdkMVdrdzVRa2REVGpaVU5sWm9ValF4TjFSeWQzRXZVbmhoYXpkMmJVRTNjRUppVjBWRlZtTjVLMHRHV0c1NmVqaEdSMVZNUWxaQk5HcHdlQzlLVG5sVE1sRjNQVDA2WldwM1pIVjBRbXBzZFdGV2VrcFFkalJJYm1aRmR6MDlBQzVJ/0f14ba8b6c3d8a7ef3426d62e0f5599e-1649939749?customName=4-6p2cz68kymwz5%20Video_720p
Title: Download Now

Search URL Search Domain Scan URL

URL: https://fvs.io/redirector?token=Z2NwUmgray9Sd3VXTzJ0a2xXVW9jT2pPU3Z5NTVBdzBvbDNDVktYcXUybVFDelZKVmwxNzA3bUVOTVphd0x1Lzc5VkxqV0FaUnljeVJrcjU0cmdXYzZlT1NSMURlRGd1Wkw5QkdDTjZUNlZoUjQxN1Ryd3EvUnhhazd2bUE3cEJiV0VFVmN5K0tGWG56ejhGR1VMQlZBNGpweC9KTnlTMlF3PT06ZWp3ZHV0QmpsdWFWekpQdjRIbmZFdz09AC5I
Title: Download Now

Search URL Search Domain Scan URL

URL: https://123sudo.com/
Title: 123sudo

Search URL Search Domain Scan URL

URL: https://123sudo.com/page/terms?app=9xbuddy
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://123sudo.com/page/privacy?app=9xbuddy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://9xbuddy.com/process?url=https://lajkema.com/v/4-6p2cz68kymwz5 HTTP 301
https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request process Show response
9xbuddy.org/
Redirect Chain

https://9xbuddy.com/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

18 KB
6 KB

98ms
47ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17 123sudo

Resource Hash

032a462a7949a4c56cb590d3ef0233a6b40d3d00107815ff8382867a0cd4c81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fbb1c345b869b92-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:35:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8Sfh9w4iF1BpJ%2Fp1vIP0%2BqLvdz7j4KhHofGIEWiG03A6fSt7w7p1GXMvrZAHW22fs%2F8u3hhLm7WWxUj5orUFR9r6KrgUmFSAFWL2OiDuN85yUgFmqW2rnbSYa4W8unCAlDzWFgIvxsNfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: PHP/8.0.17 123sudo

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 6fbb1c33ee349b8f-FRA
date: Thu, 14 Apr 2022 08:35:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 14 Apr 2022 09:35:48 GMT
location: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEt%2FbELEBjBO90%2FslZTuUnixWXvyV2CGZTk9l%2BjTa3DdA8mDE8f1nt1zmqXjGAh5bpiaCUhm%2BQlQMeEbTeFSJM6TzDhm3S6vji6obpamYT8Rk9OU0WlSvATnxElnRQFSst8A0nXb5yw91A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 main.efb9bf4cc96b05d12702.css
9xbuddy.org/build/ 26 KB
6 KB 25ms
24ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.css

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

71b2c97435ca2c3ffa3bd24ecda0bd562b36273811f7e0bb86073892b35375f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4495
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-6918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msqFiyIlmwkgBC3h6badKQ5DzQqikDcoa9WgR%2BnRK1AqBp%2F8LbLp47Qmw6NzZAhThBZV8B%2B3inlUmGyXfAY0RnZNDhtSvKHFqfCAplkK2Qq3PVEq4caRsnPJI0LqnwKPB9NFOEOYKWxKOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6fbb1c34dcb19b92-FRA

GET
H2 200 invisible.js Show response
9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/ 53 KB
18 KB 27ms
27ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1649923200

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b9a257d00ffb347a30530e9e3950fdb5da3544a987eacd26f5b158dfc471257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRS1dYOVO%2BVyF8H11E0Bv3CoOkXyKGVxawuSRSuyumLG3062y59iEXAzMMxMV5VwDxUkbWsb5J%2BFDVrxjA04w4pELjnPYOKho%2B5wJUf8HF1LVo23sK2huM6PFC%2B6kuT9PIuKz63xAdnUaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6fbb1c34dcb49b92-FRA
vary: Accept-Encoding

GET
H2 200 291f13891176f90733ca.png
9xbuddy.org/build/ 2 KB
3 KB 25ms
25ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9xbuddy.org/build/291f13891176f90733ca.png

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

55340830b75351b2ad4154871c488f34c0b66c8cef18719f3f7a8f9dc190cd58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1109
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2501
last-modified: Fri, 03 Sep 2021 10:11:23 GMT
server: cloudflare
x-frame-options: DENY
etag: "6131f4cb-9c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsIDDZpRuyjldI1P9ch4i7KYOGQfL93hvuAL0w5icWod3atrZvZINnPh76LJIadV62ngXoK9kfutbYjYS4zz0kj7GFKWFkYwjQKCzTEFVYBVCMvt9xpclBv3M4yu3gheL6eEzqqdxPK1Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fbb1c34ecb79b92-FRA

GET
H2 200 main.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 278 KB
88 KB 33ms
32ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

08d2242bfac729cedb2ed14f2a8f8fb89b459b80a1c89fba7e81b02e4fff5836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-45704"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvwq9GuGmmdbbQK%2B%2Frz%2BFpqHKljaZPxN0e2TmGdfrTemvG2niA1VGwgO5aXXfb%2FM0aYTGmkWULOyRTdeGa3Wi3Brrpt15OaMCg2qwpE3k97VCniwh7ZFza62kgpYhOLFobgufkr%2BeMFfAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb1c34ecb69b92-FRA

GET sw.js
9xbuddy.org/ 0
0

GET
H3 200 302.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 8 KB
3 KB 32ms
31ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/302.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

847c9761fed7a63dce5a4eaf6de4f89fc40577c70b9365db184b5ea0452d7f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7009
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-1e67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTtruhV8wwji%2F8Ao9l4KVneGDRFrITn9VI1AqWar5OcrdF8mAcoGdoRQvd%2BLrBLhEl6b8x98AkV5LzURXKBiJlVzrwzNq%2FHz02O6stP4%2B4oXLonC54XiokVEoVvl5hu%2BDzIIH67RApgSOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb1c356eb292c9-FRA

GET
H3 200 pica.js
9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/ 20 KB
8 KB 28ms
28ms Other
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee13f5eb1406178773eb3b77b42072fbd3ab00f76bf7fa9d5d9da6053667b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5qwL1Lns%2BGCMjxoNitgSe5oOfp90uJT6altgx45uRS8Za%2F6KdDMgBcuAD33WsG%2Fvg%2BDEVDxRkUZn8Tu%2BDstV5rqJj7QqjQ733R6Vq2b4ep2X6OOiyexqVc0C%2F%2FKK0PxnGUI1UIkk1xIEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6fbb1c357ec392c9-FRA
vary: Accept-Encoding

GET
H3 200 669.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 13 KB
6 KB 29ms
28ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/669.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

db51a3ea831647cbd6448a4332af512492ddc9f9e6f76aece263125bf17946fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-35e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQ1vYSTfz5Uh3%2FttSbc7xCPCZ5F3f6%2FeojZi7r55rEWenfS%2FAxsP94fPI0ZbH4GhrkB8m3mqwdu9mQ03SNEaty7pUwN2ZhhmegCNZ4OnsieaOWV8iqKHXl0xTx7pW9MrmR3P7SsBk7oTyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb1c35dfab92c9-FRA

GET
H3 200 189.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 3 KB
2 KB 36ms
35ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/189.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

7bb82a598836ba91c6628904821d3a96ded2d87a4814eb8b4b8d33c2a603af30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 995
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-d3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkgDVutdF5rzLzj2ckTGcBdSQ1byCWDw1uhKsUrtOSEj47iD7pProlVTJsr3ELwVqc23sGaqBOzGRJObq6xy%2FK6A28OxnRAP%2FhYwxDQGOiQc3CcVVr3b76ge3szsfMAnuHQN6KtA9llKNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb1c35dfae92c9-FRA

GET
H3 200 70.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 22 KB
8 KB 27ms
26ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/70.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

8cfc77c8937257dd40ad59ae890c359ffe8e07d781a013d1b3b42ada5d9aced0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 996
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-58a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFnSDGLCnhsIe4dDbM32CrHXFvd1buoBvmASr3QionHWCv4tY5OeCp%2FykDWDKvk2idjWta%2F7ZeMhhRwmcwx3s9dzu5bshD%2FUH2FPBYVeDnmngVkcJ0E2e1Zl23MOYeA5mrFFmdwIgelP8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb1c35dfb092c9-FRA

GET
H3 200 389.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 37 KB
9 KB 27ms
27ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/389.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

4f08f1bdc71549529316a382b2ba6527473d65d34d3f4f586849b695dae5af87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5495
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-9520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQ0ccf0aglUDQ5n%2B7vmgy9ePW%2ByyWlf%2B8f%2Bs8h1%2F1Kb9Nx%2Bqy1yMC6u8n2gstC4zpoci1Pz3SEVuv1oUnxxhRDrOmDgRvpWZipsE50um1X%2Bh14qfn9iuweuBWY116VsCBnnlb3DzlAsLYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb1c35dfb192c9-FRA

OPTIONS
H2 200 token
ab.9xbud.com/ 0
0 115ms
64ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ab.9xbud.com/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17 123sudo

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-access-token,x-auth-token,x-requested-domain,x-requested-with
Access-Control-Request-Method: POST
Origin: https://9xbuddy.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
access-control-allow-methods: POST
access-control-allow-origin: https://9xbuddy.org
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fbb1c36aa6a9bc2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:35:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GP8LLb2fBWp4P%2Flk8N5zLDIQCZPpd3Ln3x4jTyzPbZj5kjRgtWIah%2Bw8KIh9qSRpgKZtDG3xBfa2VmGl9Nxhg7rRVWxl%2FcyGyDU3GLtcJj%2BjZnHpsXuX60OBUuP3gzjnewDoDS1PNFFegLQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/8.0.17 123sudo

POST
H3 200 token Show response
ab.9xbud.com/ 219 B
918 B 60ms
40ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ab.9xbud.com/token

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/669.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17, 123sudo

Resource Hash

41670ef2c492b815f77ed4d079de7b882f8902d6e2433cd714a53c21168314ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://9xbuddy.org/
x-auth-token: nqqSrJaV3WOf1J1rk5pml8Zuksiba5OaZpfGbpLIm2WPyoLglrKw4LqFf4mEisOCcbZ7scXYmMrbZtia
X-Requested-With: xmlhttprequest
x-access-token: false
x-requested-domain: 9xbuddy.org

Response headers

date: Thu, 14 Apr 2022 08:35:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.17, 123sudo
access-control-allow-methods: POST
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7K%2BzyOzwch4zUbu03eK5LlNr2a7mSy9W6KZ9TyvyDNNQYjXkALetjfsFBXFENZHIkVO7Qbmvi4DPD1EJ4TGN2xuuKhLxtRcUGmR39e0s6oohNNb0%2B85XPBj5mfaLhWVFnJKnJ%2B9cLuCaXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://9xbuddy.org
access-control-allow-credentials: true
cf-ray: 6fbb1c37297f913a-FRA
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token

POST
H3 200 6fbb1c345b869b92 Show response
9xbuddy.org/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
733 B 46ms
46ms XHR
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/cdn-cgi/challenge-platform/h/g/cv/result/6fbb1c345b869b92

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1649923200

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Apr 2022 08:35:49 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b33xR5X%2F4Ch8%2Fg762CPWx%2FzEvdK4BGwiMOfRKrpyioHmqBm0cW50F7%2FJjhv%2FnadRitArk3WpneNk5kLAx7gBZexysdF%2BAv0UUpbamGTkoMsLQIYlT%2BApw7BUR7QrKRuW1R0yn%2BkmAljQ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6fbb1c39cf9992c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 extract
ab.9xbud.com/ 0
0 40ms
40ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ab.9xbud.com/extract

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17 123sudo

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-access-token,x-auth-token,x-requested-domain,x-requested-with
Access-Control-Request-Method: POST
Origin: https://9xbuddy.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
access-control-allow-methods: POST
access-control-allow-origin: https://9xbuddy.org
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fbb1c39df3b913a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:35:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjopzMTvQ32ZV3Cs6rSQagFoq%2B70Zbj0oiYcbKhFfTCLw%2Bwe8dozCmKlWBoLGknOf2tTy%2F58M%2FEY%2Bg7mp1SVo6yo5M1Q8VsEwQZylRoYJkHMokyoLjH9juyViCNYCjkss7YxMUemqz9%2BGE4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/8.0.17 123sudo

POST
H3 200 extract Show response
ab.9xbud.com/ 5 KB
3 KB 369ms
368ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ab.9xbud.com/extract

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/669.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17, 123sudo

Resource Hash

72e3001c7824410d6af2c36915bdb47db575f94add31714c95684a872f0b3486

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://9xbuddy.org/
x-auth-token: nqqSrJaV3WOf1J1rk5pml8Zuksiba5OaZpfGbpLIm2WPyoLglrKw4LqFf4mEisOCcbZ7scXYmMrbZtia
X-Requested-With: xmlhttprequest
x-access-token: mtna0qyclWOc25urxpSukqCknn2h38/OpcOVaZGTWV65maPIoKmqUIC5hpNpkJZvg7qipJhkcISpaGtZUqbW0qXHvZnFrqKqkWVom19lbVBasK62hq6SVM/MpJuCd5rHnKFgUHXN2NGmx5Vlk5NnZpBkbZ1nYG5lUrjHyJrUz2OYlnBklWZmmGFm
x-requested-domain: 9xbuddy.org

Response headers

date: Thu, 14 Apr 2022 08:35:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.17, 123sudo
access-control-allow-methods: POST
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbfL4RaqtttDYYcq63x67s2dBIs6OZvWizdPl1SVHTv8yCdse4FNGQnKIctsMYOfgeDWVGjSy5W6FUGU1f7Tr0Kxq%2BINPvVvHLi79Lv9Eg54sfb%2Fvi%2FkEYEKxkl5C03bwPm9Vjwiesn526A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://9xbuddy.org
access-control-allow-credentials: true
cf-ray: 6fbb1c3a1fda913a-FRA
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token

GET
H3 200 bddcb5cd2357411ec12c.png
9xbuddy.org/build/ 1 KB
2 KB 35ms
35ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9xbuddy.org/build/bddcb5cd2357411ec12c.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

be0fb81b1e6a4c784bae40dd35e460aa956802ef7a292f41fe6b973bfe9786ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7000
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1351
last-modified: Sat, 17 Jul 2021 06:03:08 GMT
server: cloudflare
x-frame-options: DENY
etag: "60f2729c-547"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpTBNCpuN9PiagetrXvnp8cHDrLefDg17NHJq%2FfOzkRD9SfsUESH2RGD6riRsERLJvdMzo25AxvA7uKgVjOCw0hBpursXSVBzDSJtoOGExs6SSYXCRobzNSWp55rRtiv2oTA3BOtaMOK7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fbb1c3c7ca492c9-FRA

GET
H/1.1 200
OK 7972 Show response
baffledzein.com/rHH727qVeN4r6/ 5 B
1 KB 241ms
31ms Script
application/javascript 23.109.87.248
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://baffledzein.com/rHH727qVeN4r6/7972

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/389.efb9bf4cc96b05d12702.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.248 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:35:50 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://9xbuddy.org
Access-Control-Max-Age: 600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
X-Content-Type-Options: nosniff
Keep-Alive: timeout=20

GET
H/1.1 200
OK 40618 Show response
baffledzein.com/nQNFvR4pfdjHeE/ 0
0 25ms
24ms Script
text/html 23.109.87.248
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://baffledzein.com/nQNFvR4pfdjHeE/40618
Requested by: Host: 9xbuddy.org
URL: https://9xbuddy.org/build/389.efb9bf4cc96b05d12702.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 23.109.87.248 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 200
OK 9537 Show response
baffledzein.com/1clkn/ 6 B
355 B 70ms
25ms Script
application/javascript 23.109.87.248
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://baffledzein.com/1clkn/9537

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/389.efb9bf4cc96b05d12702.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.248 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:35:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 9xbuddy.org
URL: https://9xbuddy.org/sw.js

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.9xbuddy.org/	1970-01-20 02:18:47	Name: __cf_bm Value: g_kjmAtrsF.MuQXx6YTRYScnamDillgvzdRHAL5cTc8-1649925349-0-AfGYYCYgVlE1UHPRFoTZzSBlseFrmj68Dse3f8Z1Dw20/+rBjeWVJwk7eODM7VNBOowQ8yKMIXMyOQ62AHamrLlD2kBOFbsCCqESshR9axVLEJRBcWdssnkBWmENqUQDVg==
baffledzein.com/	1970-01-20 02:20:11	Name: GL_UI4 Value: eJw9jd1OgzAcxYHy4TIhnoQH8BHKHHNcGh%2FCS9LSP6wO2qXUEd%2FexkSvzi%2FnIyeKoqSuEN9zBvYlWjyTPI78RchODefT63gSrVTycOiO8twq2XXY6bX3Qs7kUzxOZMjpoR%2BsohJPIfpzrsZuJkUmnTCqRLaExlyikM5uK7maITViIeTvF2eDZov4tA6s4TywNoFjjsSuNat2KD60UWFY7ZE0vCrzCPvbLPxo3dJrlcfIJicUIX7DwyA8TdZ9o1C0Xr29AXZW%2FX%2F%2F95dtDUeu6K6HcG79hdwPMfRLXQ%3D%3D
baffledzein.com/	1970-01-20 02:20:11	Name: GL_GI10 Value: eJw9i8sKwjAURGsq0aJVBvwAv6CQqrgWFRd%2BRKjtVbJobkjjI369%2BMDVzBzOJEkiZhMI4zAt1bpQalmUalWoRYn0Qgyx22Nc89UGH7WtWsLgQL6tbIT0dDFsc4y%2BRdfcUPJfbzlHvzYh5sje8RNS0zlkR4p3Os03B2SWgu4cUYNsy96xrwJh8qefm0wxNJ12nh9R9jANpqUnW9J8PncUpEDvJsUL9zY8WQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9xbuddy.com
9xbuddy.org
ab.9xbud.com
baffledzein.com
9xbuddy.org
23.109.87.248
2606:4700:3038::6815:eb51
2a06:98c1:3120::7
2a06:98c1:3121::7
032a462a7949a4c56cb590d3ef0233a6b40d3d00107815ff8382867a0cd4c81c
08d2242bfac729cedb2ed14f2a8f8fb89b459b80a1c89fba7e81b02e4fff5836
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ee13f5eb1406178773eb3b77b42072fbd3ab00f76bf7fa9d5d9da6053667b11
41670ef2c492b815f77ed4d079de7b882f8902d6e2433cd714a53c21168314ae
4b9a257d00ffb347a30530e9e3950fdb5da3544a987eacd26f5b158dfc471257
4f08f1bdc71549529316a382b2ba6527473d65d34d3f4f586849b695dae5af87
55340830b75351b2ad4154871c488f34c0b66c8cef18719f3f7a8f9dc190cd58
71b2c97435ca2c3ffa3bd24ecda0bd562b36273811f7e0bb86073892b35375f9
72e3001c7824410d6af2c36915bdb47db575f94add31714c95684a872f0b3486
7bb82a598836ba91c6628904821d3a96ded2d87a4814eb8b4b8d33c2a603af30
847c9761fed7a63dce5a4eaf6de4f89fc40577c70b9365db184b5ea0452d7f29
8cfc77c8937257dd40ad59ae890c359ffe8e07d781a013d1b3b42ada5d9aced0
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
be0fb81b1e6a4c784bae40dd35e460aa956802ef7a292f41fe6b973bfe9786ca
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
db51a3ea831647cbd6448a4332af512492ddc9f9e6f76aece263125bf17946fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

9xbuddy.org Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

95 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

165 kBTransfer

488 kBSize

3 Cookies

11 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

9xbuddy.org Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

165 kB
Transfer

488 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions