like-dz.yn.lt Open in urlscan Pro
54.36.158.41  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request DDoS.php Show response like-dz.yn.lt/	20 KB 6 KB	412ms 365ms	Document text/html	54.36.158.41 OVH
General Check archive.org Show headers Download Go to Full URL https://like-dz.yn.lt/DDoS.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 54.36.158.41 , France, ASN16276 (OVH, FR), Reverse DNS lb.xtgem.com Software / Resource Hash 2245b11d19f088d2612a78662329194d63a5cda4ddc80fa65d62a6306a089a61 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers Date Tue, 15 Mar 2022 14:06:26 GMT Vary Host,Accept-Encoding Cache-Control private, no-cache, no-cache=Set-Cookie, proxy-revalidate Pragma no-cache Expires Wed, 17 Sep 1975 21:32:10 GMT Content-Encoding gzip Content-Length 5194 Content-Type text/html; charset=utf-8
GET H/1.1	404 Not Found	anonymous.jpg www.zidanmi.heck.in/	0 0	527ms 170ms	Image text/html	128.199.250.160 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.zidanmi.heck.in/anonymous.jpg Requested by Host: like-dz.yn.lt URL: https://like-dz.yn.lt/DDoS.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 128.199.250.160 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS hipi-01.e-ppt-cloud.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H/1.1	200 OK	old-school-swatch-watches-21484.jpg 4.thumbs.xtstatic.com/100/50/-/402a207ac912cff61d3bcd8232a4634f/backtooldschool.xtgem.com/images/blog/	2 KB 2 KB	126ms 57ms	Image image/jpeg	141.94.172.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://4.thumbs.xtstatic.com/100/50/-/402a207ac912cff61d3bcd8232a4634f/backtooldschool.xtgem.com/images/blog/old-school-swatch-watches-21484.jpg Requested by Host: like-dz.yn.lt URL: https://like-dz.yn.lt/DDoS.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 141.94.172.213 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash d8c758c1449d174a41912e1b630769fee9ba65c3f1ed4a068f2e6ca877f5a338 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 14:06:26 GMT X-Ngz 1 Last-Modified Wed, 14 Nov 2018 00:11:07 GMT ETag "765-0" Sent-XS 0.000 Content-Type image/jpeg Cache-Control max-age=172800, pre-check=172800 Content-Length 1893 Expires Thu, 17 Mar 2022 14:06:26 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 10 KB	92ms 33ms	Script application/javascript	91.228.74.133 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: like-dz.yn.lt URL: https://like-dz.yn.lt/DDoS.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 14:06:26 GMT content-encoding gzip etag "yoD6mq4JTyPdtDBolW+GUg==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Tue, 22 Mar 2022 14:06:26 GMT
GET H/1.1	200 OK	tp.gif Show response enif.images.xtstatic.com/ Frame D608	42 B 309 B	120ms 52ms	Document image/gif	141.94.172.213 OVH
General Check archive.org Show headers Download Go to Full URL https://enif.images.xtstatic.com/tp.gif Requested by Host: like-dz.yn.lt URL: https://like-dz.yn.lt/DDoS.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 141.94.172.213 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ Response headers Date Tue, 15 Mar 2022 14:06:26 GMT Last-Modified Sat, 16 Nov 2019 11:03:28 GMT ETag "2a-59774aa04e000" Accept-Ranges bytes Content-Length 42 Cache-Control max-age=2592000 Expires Thu, 14 Apr 2022 14:06:26 GMT Content-Type image/gif
GET H/1.1	200 OK	tp.gif Show response cif.images.xtstatic.com/ Frame 5414	42 B 309 B	120ms 51ms	Document image/gif	141.94.172.213 OVH
General Check archive.org Show headers Download Go to Full URL https://cif.images.xtstatic.com/tp.gif Requested by Host: like-dz.yn.lt URL: https://like-dz.yn.lt/DDoS.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 141.94.172.213 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ Response headers Date Tue, 15 Mar 2022 14:06:26 GMT Last-Modified Sat, 16 Nov 2019 11:03:28 GMT ETag "2a-59774aa04e000" Accept-Ranges bytes Content-Length 42 Cache-Control max-age=2592000 Expires Thu, 14 Apr 2022 14:06:26 GMT Content-Type image/gif
GET		share.js aji02.hexat.com/2/	0 0
GET		like.js aji02.hexat.com/Js/	0 0
GET H/1.1	200 OK	__xt_authbar Show response xtgem.com/ Frame 65B2	14 KB 3 KB	183ms 128ms	Document text/html	141.94.172.213 OVH
General Check archive.org Show headers Download Go to Full URL https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9saWtlLWR6LnluLmx0XC9ERG9TLnBocCIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6Imxpa2UtZHoueW4ubHQiLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19 Requested by Host: like-dz.yn.lt URL: https://like-dz.yn.lt/DDoS.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 141.94.172.213 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 82f05f0e86e992e8d0f042e1ee8cf25c099f9498422f91a741290124e8dce456 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ Response headers Date Tue, 15 Mar 2022 14:06:26 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 2760 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	close2.png xtgem.com/images/	564 B 843 B	97ms 53ms	Image image/png	141.94.172.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://xtgem.com/images/close2.png?v=0.01 Requested by Host: like-dz.yn.lt URL: https://like-dz.yn.lt/DDoS.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 141.94.172.213 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 14:06:26 GMT X-Ngz 1 Last-Modified Sat, 16 Nov 2019 11:03:28 GMT ETag "234-59774aa04e000" Content-Type image/png Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 564 Expires Thu, 14 Apr 2022 14:06:26 GMT
GET H2	200	rules-p-0cfM8Oh7M9bVQ.js Show response rules.quantcount.com/	3 B 429 B	92ms 31ms	Script application/javascript	108.157.4.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-13.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 04:33:12 GMT via 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront) age 34451 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 3 last-modified Sat, 04 Mar 2017 19:40:53 GMT server AmazonS3 etag "8a80554c91d9fca8acb82f023de02f11" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop DUS51-P2 accept-ranges bytes x-amz-cf-id Ea_v1IgNnNhQx9boqhjHZK3WK-_MIdVk9zNYdos2WWkfE1KHtJNGpw==
GET H2	200	pixel;r=603924763;rf=0;a=p-0cfM8Oh7M9bVQ;url=https%3A%2F%2Flike-dz.yn.lt%2FDDoS.php;uht=2;fpan=1;fpa=P0-43399696-1647353186714;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=yn.l... pixel.quantserve.com/	35 B 371 B	40ms 33ms	Image image/gif	91.228.74.133 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=603924763;rf=0;a=p-0cfM8Oh7M9bVQ;url=https%3A%2F%2Flike-dz.yn.lt%2FDDoS.php;uht=2;fpan=1;fpa=P0-43399696-1647353186714;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=yn.lt;je=0;sr=1600x1200x24;dst=0;et=1647353186714;tzo=0;ogl= Requested by Host: like-dz.yn.lt URL: https://like-dz.yn.lt/DDoS.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://like-dz.yn.lt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 15 Mar 2022 14:06:26 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

aji02.hexat.com

URL

http://aji02.hexat.com/2/share.js

Domain

aji02.hexat.com

URL

http://aji02.hexat.com/Js/like.js

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone object| oncontextlost object| oncontextrestored object| _qevents boolean| cookies boolean| isFiring number| len function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.yn.lt/	1970-01-20 19:07:05	Name: _xta_uid Value: 51b30b6311d7f50a6d0c67211b38d524
			.yn.lt/	1970-01-20 01:35:54	Name: _xta_vid Value: c9c6eb60db01f98fbc5c3a1c2e8224cb-1647353186
			like-dz.yn.lt/	1969-12-31 23:59:59	Name: Value: test
			.quantserve.com/	1970-01-20 11:06:07	Name: mc Value: 62309d62-b4c0b-8d87c-47e87
			.yn.lt/	1970-01-20 11:00:21	Name: __qca Value: P0-43399696-1647353186714

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://like-dz.yn.lt/DDoS.php Message: Mixed Content: The page at 'https://like-dz.yn.lt/DDoS.php' was loaded over HTTPS, but requested an insecure element 'http://www.zidanmi.heck.in/anonymous.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://like-dz.yn.lt/DDoS.php(Line 163) Message: Mixed Content: The page at 'https://like-dz.yn.lt/DDoS.php' was loaded over HTTPS, but requested an insecure element 'http://www.zidanmi.heck.in/anonymous.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://like-dz.yn.lt/DDoS.php Message: Mixed Content: The page at 'https://like-dz.yn.lt/DDoS.php' was loaded over HTTPS, but requested an insecure script 'http://aji02.hexat.com/2/share.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://like-dz.yn.lt/DDoS.php Message: Mixed Content: The page at 'https://like-dz.yn.lt/DDoS.php' was loaded over HTTPS, but requested an insecure script 'http://aji02.hexat.com/Js/like.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.zidanmi.heck.in/anonymous.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.thumbs.xtstatic.com
aji02.hexat.com
cif.images.xtstatic.com
enif.images.xtstatic.com
like-dz.yn.lt
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
www.zidanmi.heck.in
xtgem.com
aji02.hexat.com
108.157.4.13
128.199.250.160
141.94.172.213
54.36.158.41
91.228.74.133
2245b11d19f088d2612a78662329194d63a5cda4ddc80fa65d62a6306a089a61
82f05f0e86e992e8d0f042e1ee8cf25c099f9498422f91a741290124e8dce456
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d8c758c1449d174a41912e1b630769fee9ba65c3f1ed4a068f2e6ca877f5a338
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629