diamond-seo.clan.su Open in urlscan Pro
193.109.246.67  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://broworker1s.com/go/hfqwgztemu5dkmzwg4 Page URL
2. https://tmix.ucoz.net/roti.html Page URL
3. https://playattack.biz/?p=gfrdimzumm5gi3bpgu4tcnrq Page URL
4. https://atm.ucoz.net/ou.html Page URL
5. https://majorikmedia.com/?p=hbqtoyldg45gi3bpgm4tgoi Page URL
6. https://bonustra.ucoz.net/xwio.html Page URL
7. https://se13.biz/?p=gvrgknzqmy5gi3bpgy4tema Page URL
8. https://bitggdoo.ucoz.net/cvcvt.html Page URL
9. https://diamond-seo.clan.su/index.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	hfqwgztemu5dkmzwg4 Show response broworker1s.com/go/	25 KB 26 KB	89ms 34ms	Document text/html	212.129.16.248 Online SAS
General Check archive.org Show headers Download Go to Full URL https://broworker1s.com/go/hfqwgztemu5dkmzwg4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.16.248 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-16-248.rev.poneytelecom.eu Software nginx / Resource Hash 009b1256582a6018cd8b3cea41f2e512aba1150b6020b0323963f0710aebc9a3 Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * content-security-policy img-src https: data:; upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sat, 07 May 2022 19:01:37 GMT server nginx strict-transport-security max-age=31536000
GET H2	200	1.png broworker1s.com/img/10/	10 KB 11 KB	26ms 26ms	Image image/png	212.129.16.248 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://broworker1s.com/img/10/1.png Requested by Host: broworker1s.com URL: https://broworker1s.com/go/hfqwgztemu5dkmzwg4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.16.248 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-16-248.rev.poneytelecom.eu Software nginx / Resource Hash 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837 Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://broworker1s.com/go/hfqwgztemu5dkmzwg4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 19:01:37 GMT last-modified Mon, 25 Nov 2019 17:34:00 GMT server nginx etag "5ddc1088-295f" strict-transport-security max-age=31536000 content-type image/png cache-control max-age=2592000 content-security-policy img-src https: data:; upgrade-insecure-requests accept-ranges bytes content-length 10591 expires Mon, 06 Jun 2022 19:01:37 GMT
GET H2	200	2.png broworker1s.com/img/10/	1 KB 1 KB	27ms 27ms	Image image/png	212.129.16.248 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://broworker1s.com/img/10/2.png Requested by Host: broworker1s.com URL: https://broworker1s.com/go/hfqwgztemu5dkmzwg4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.129.16.248 Paris, France, ASN12876 (Online SAS, FR), Reverse DNS 212-129-16-248.rev.poneytelecom.eu Software nginx / Resource Hash 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5 Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://broworker1s.com/go/hfqwgztemu5dkmzwg4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sat, 07 May 2022 19:01:37 GMT last-modified Mon, 25 Nov 2019 17:34:00 GMT server nginx etag "5ddc1088-425" strict-transport-security max-age=31536000 content-type image/png cache-control max-age=2592000 content-security-policy img-src https: data:; upgrade-insecure-requests accept-ranges bytes content-length 1061 expires Mon, 06 Jun 2022 19:01:37 GMT
GET DATA	200 OK	truncated /	11 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	roti.html tmix.ucoz.net/	181 B 468 B	252ms 64ms	Document text/html	193.109.246.67 COMPUBYTE-AS
General Check archive.org Show headers Download Go to Full URL https://tmix.ucoz.net/roti.html Requested by Host: broworker1s.com URL: https://broworker1s.com/go/hfqwgztemu5dkmzwg4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.109.246.67 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY), Reverse DNS dev.ucoz.net Software nginx / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://broworker1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control max-age=1728000 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 07 May 2022 19:01:39 GMT Expires Fri, 27 May 2022 19:01:39 GMT Keep-Alive timeout=15 Server nginx Transfer-Encoding chunked X-Frame-Options SAMEORIGIN
GET H2	200	/ Show response playattack.biz/	17 KB 17 KB	108ms 35ms	Document text/html	178.62.225.201 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://playattack.biz/?p=gfrdimzumm5gi3bpgu4tcnrq Requested by Host: tmix.ucoz.net URL: https://tmix.ucoz.net/roti.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.62.225.201 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 5c1f5b8e54ce3bb56ad38e001c8a82f0b9f7292fc372e46148d3a281b10175a2 Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers Referer https://tmix.ucoz.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * content-security-policy img-src https: data:; upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sat, 07 May 2022 19:01:38 GMT server nginx strict-transport-security max-age=31536000
GET H/1.1	200 OK	ou.html atm.ucoz.net/	182 B 473 B	255ms 66ms	Document text/html	195.216.243.26 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://atm.ucoz.net/ou.html Requested by Host: broworker1s.com URL: https://broworker1s.com/go/hfqwgztemu5dkmzwg4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.216.243.26 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS s26.ucoz.net Software nginx / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://playattack.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control max-age=1728000 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 07 May 2022 19:01:47 GMT Expires Fri, 27 May 2022 19:01:47 GMT Keep-Alive timeout=15 Server nginx Transfer-Encoding chunked X-Frame-Options SAMEORIGIN
GET H2	200	/ Show response majorikmedia.com/	28 KB 28 KB	105ms 39ms	Document text/html	104.248.83.85 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://majorikmedia.com/?p=hbqtoyldg45gi3bpgm4tgoi Requested by Host: atm.ucoz.net URL: https://atm.ucoz.net/ou.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.83.85 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 84e8b06d1b337af21baa24e739a186436e3ff9e7284a9815b603f2e868e4fe6b Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers Referer https://atm.ucoz.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * content-security-policy img-src https: data:; upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sat, 07 May 2022 19:01:38 GMT server nginx strict-transport-security max-age=31536000
GET DATA	200 OK	truncated /	13 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1179d91e241cbea26748f5c37c22e29e7536e7ebdef99a5e0588f52d224097fb Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	xwio.html bonustra.ucoz.net/	174 B 464 B	261ms 66ms	Document text/html	195.216.243.116 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://bonustra.ucoz.net/xwio.html Requested by Host: broworker1s.com URL: https://broworker1s.com/go/hfqwgztemu5dkmzwg4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.216.243.116 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS dev.ucoz.net Software nginx / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://majorikmedia.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control max-age=1728000 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 07 May 2022 19:01:37 GMT Expires Fri, 27 May 2022 19:01:37 GMT Keep-Alive timeout=15 Server nginx Transfer-Encoding chunked X-Frame-Options SAMEORIGIN
GET H2	200	/ Show response se13.biz/	50 KB 50 KB	110ms 37ms	Document text/html	174.138.2.60 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://se13.biz/?p=gvrgknzqmy5gi3bpgy4tema Requested by Host: bonustra.ucoz.net URL: https://bonustra.ucoz.net/xwio.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.138.2.60 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash bf281e274e8ce9234f108319c07a2d23eb13c5f633de857809d2c41b2277a813 Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers Referer https://bonustra.ucoz.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * content-security-policy img-src https: data:; upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sat, 07 May 2022 19:01:39 GMT server nginx strict-transport-security max-age=31536000
GET DATA	200 OK	truncated /	24 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	cvcvt.html bitggdoo.ucoz.net/	230 B 490 B	340ms 149ms	Document text/html	195.216.243.20 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://bitggdoo.ucoz.net/cvcvt.html Requested by Host: broworker1s.com URL: https://broworker1s.com/go/hfqwgztemu5dkmzwg4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.216.243.20 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS s20.ucoz.net Software nginx / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://se13.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control max-age=1728000 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 07 May 2022 19:01:39 GMT Expires Fri, 27 May 2022 19:01:39 GMT Keep-Alive timeout=15 Server nginx Transfer-Encoding chunked X-Frame-Options SAMEORIGIN
GET H/1.1	200 OK	Primary Request index.html Show response diamond-seo.clan.su/	5 KB 2 KB	250ms 65ms	Document text/html	193.109.246.67 COMPUBYTE-AS
General Check archive.org Show headers Download Go to Full URL https://diamond-seo.clan.su/index.html Requested by Host: bitggdoo.ucoz.net URL: https://bitggdoo.ucoz.net/cvcvt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.109.246.67 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY), Reverse DNS dev.ucoz.net Software nginx / Resource Hash e9874b62cb40262b788db568757911284c07186eec77462b88c2bdd92b6d4e7e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://bitggdoo.ucoz.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control max-age=1728000 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 07 May 2022 19:01:41 GMT Expires Fri, 27 May 2022 19:01:41 GMT Keep-Alive timeout=15 Server nginx Transfer-Encoding chunked X-Frame-Options SAMEORIGIN
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	110ms 35ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: diamond-seo.clan.su URL: https://diamond-seo.clan.su/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://diamond-seo.clan.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Fri, 06 May 2022 08:50:49 GMT content-encoding gzip x-content-type-options nosniff age 123051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 06 May 2023 08:50:49 GMT
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/8.2.2/	20 KB 7 KB	115ms 41ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.2.2/firebase-app.js Requested by Host: diamond-seo.clan.su URL: https://diamond-seo.clan.su/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dadfe4e91e73ab90896138ee443d45aad1bcb0e3de72aaeab3020f1f25a1c4af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://diamond-seo.clan.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 03 May 2022 08:29:53 GMT content-encoding gzip x-content-type-options nosniff age 383507 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6546 x-xss-protection 0 last-modified Thu, 07 Jan 2021 21:51:27 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 May 2023 08:29:53 GMT
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/8.2.2/	40 KB 11 KB	108ms 35ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.2.2/firebase-messaging.js Requested by Host: diamond-seo.clan.su URL: https://diamond-seo.clan.su/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://diamond-seo.clan.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 03 May 2022 08:30:01 GMT content-encoding gzip x-content-type-options nosniff age 383499 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10840 x-xss-protection 0 last-modified Thu, 07 Jan 2021 21:51:17 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 03 May 2023 08:30:01 GMT
GET H2	200	https.php Show response news-bavugu.cc/code/	6 KB 2 KB	349ms 129ms	Script text/html	193.108.117.165 GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://news-bavugu.cc/code/https.php?site=8045173&sub1=sub1 Requested by Host: diamond-seo.clan.su URL: https://diamond-seo.clan.su/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.117.165 Frankfurt am Main, Germany, ASN61003 (GLOBALTELEHOST, DE), Reverse DNS 165-117-108-193.clients.gthost.com Software nginx / Resource Hash f0b07a786752015a2a8e5edfb045fc304cccbf2cd45a421e7119536438e082c0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://diamond-seo.clan.su/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Sat, 07 May 2022 19:01:40 GMT cache-control no-cache, must-revalidate server nginx content-encoding gzip vary Accept-Encoding content-type text/html; charset=UTF-8
GET H/1.1	200 OK	arrow.png diamond-seo.clan.su/	1 KB 2 KB	64ms 64ms	Image image/png	193.109.246.67 COMPUBYTE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://diamond-seo.clan.su/arrow.png Requested by Host: diamond-seo.clan.su URL: https://diamond-seo.clan.su/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.109.246.67 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY), Reverse DNS dev.ucoz.net Software nginx / Resource Hash 7001ee4fe402fd79c88f197d46843afadb035933299c80781217a7e9711875c1 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://diamond-seo.clan.su/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Sat, 07 May 2022 19:01:41 GMT Last-Modified Fri, 22 Jan 2021 09:06:42 GMT Server nginx ETag "600a95a2-54a" X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control max-age=1728000 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=15 Content-Length 1354 Expires Fri, 27 May 2022 19:01:41 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| firebase object| firebaseConfig function| revoInit function| httpGet function| saveToken function| pagelocker

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.broworker1s.com/	1970-01-20 03:35:42	Name: uuid Value: 311abfe3-cc5f-47d1-89b9-e372295d857a
			.playattack.biz/	1970-01-20 03:35:42	Name: uuid Value: b02f3d08-384b-41d2-a10b-80cefed04bfe
			.majorikmedia.com/	1970-01-20 03:35:42	Name: uuid Value: e76945c9-9179-4d83-8070-b8ad10a1ae65
			.se13.biz/	1970-01-20 03:35:42	Name: uuid Value: 13af2f65-5e1e-48c8-a25b-4b285e2bbe7c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
atm.ucoz.net
bitggdoo.ucoz.net
bonustra.ucoz.net
broworker1s.com
diamond-seo.clan.su
majorikmedia.com
news-bavugu.cc
playattack.biz
se13.biz
tmix.ucoz.net
www.gstatic.com
104.248.83.85
174.138.2.60
178.62.225.201
193.108.117.165
193.109.246.67
195.216.243.116
195.216.243.20
195.216.243.26
212.129.16.248
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
009b1256582a6018cd8b3cea41f2e512aba1150b6020b0323963f0710aebc9a3
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
1179d91e241cbea26748f5c37c22e29e7536e7ebdef99a5e0588f52d224097fb
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
5c1f5b8e54ce3bb56ad38e001c8a82f0b9f7292fc372e46148d3a281b10175a2
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0
7001ee4fe402fd79c88f197d46843afadb035933299c80781217a7e9711875c1
84e8b06d1b337af21baa24e739a186436e3ff9e7284a9815b603f2e868e4fe6b
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1
bf281e274e8ce9234f108319c07a2d23eb13c5f633de857809d2c41b2277a813
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef
dadfe4e91e73ab90896138ee443d45aad1bcb0e3de72aaeab3020f1f25a1c4af
e9874b62cb40262b788db568757911284c07186eec77462b88c2bdd92b6d4e7e
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
f0b07a786752015a2a8e5edfb045fc304cccbf2cd45a421e7119536438e082c0