Submitted URL: https://ndvsay.xyz/
Effective URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Submission: On April 17 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 1 country across 13 domains to perform 37 HTTP transactions. The main IP is 23.225.153.13, located in the United States and belonging to CNSERVERS, US. The main domain is d3nitg.a3tmjy.xyz.
TLS certificate: Issued by R3 on April 10th 2024. Valid for: 3 months.
This is the only time d3nitg.a3tmjy.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                      Redirects    Requested by
15        5gixb.xyz                                d3nitg.a3tmjy.xyz
6         mc.yandex.ru                3 redirects  d3nitg.a3tmjy.xyz
3         gzprknyf.hebeimanlong.com                d3nitg.a3tmjy.xyz
3         d3nitg.a3tmjy.xyz           1 redirects  ndvsay.xyz, d3nitg.a3tmjy.xyz
3         ndvsay.xyz                  1 redirects
2         mc.webvisor.org             1 redirects  d3nitg.a3tmjy.xyz
2         zbb.bbb.veykepd.com                      d3nitg.a3tmjy.xyz
2         zbb.bbb.t59mtdv.com                      d3nitg.a3tmjy.xyz
2         zbb.bbb.zbef4s.net                       d3nitg.a3tmjy.xyz
2         st.86398ti.buzz                          d3nitg.a3tmjy.xyz
1         ow98o.sbs                                d3nitg.a3tmjy.xyz
1         v1imvvfc356.salantool.com                d3nitg.a3tmjy.xyz
1         plgku.86398ti.buzz                       d3nitg.a3tmjy.xyz
1         yese1h.xyz                  1 redirects
Totals: 37 requests, 14 domains listed

This site contains links to these domains.

Domain
s.a3tmjy.xyz
bkng5gk.com
8xokexld.ypfwkhdjf.com
service.weibo.com
telegram.me
twitter.com

Subject                      Issuer                              Validity                  Valid
ndvsay.xyz                   R3                                  2024-04-11 - 2024-07-10   3 months
a3tmjy.xyz                   R3                                  2024-04-10 - 2024-07-09   3 months
gzprknyf.hebeimanlong.com    Buypass Class 2 CA 5                2024-02-02 - 2024-07-30   6 months
86398ti.buzz                 ZeroSSL ECC Domain Secure Site CA   2024-04-04 - 2024-07-03   3 months
5gixb.xyz                    R3                                  2024-02-25 - 2024-05-25   3 months
zbb.bbb.zbef4s.net           R3                                  2024-04-08 - 2024-07-07   3 months
zbb.bbb.t59mtdv.com          R3                                  2024-04-08 - 2024-07-07   3 months
zbb.bbb.veykepd.com          R3                                  2024-04-08 - 2024-07-07   3 months
v1imvvfc356.salantool.com    Buypass Class 2 CA 5                2024-02-02 - 2024-07-30   6 months
ow98o.sbs                    R3                                  2024-04-04 - 2024-07-03   3 months
mc.yandex.ru                 GlobalSign ECC OV SSL CA 2018       2023-12-26 - 2024-06-05   5 months

This page contains 1 frames:

Primary Page: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Frame ID: A62EBCFBF03A2286B075342DC2AB18E8
Requests: 37 HTTP requests in this frame

Page Title

5G影院 - 天天5g天天爽

Page Statistics

Requests: 37
HTTPS: 92 %
IPv6: 13 %
Domains: 13
Subdomains: 14
IPs: 8
Countries: 1
Transfer: 1464 kB
Size: 1460 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ndvsay.xyz/ Page URL
  2. https://ndvsay.xyz/?key=ok HTTP 302
    https://yese1h.xyz/ HTTP 302
    https://d3nitg.a3tmjy.xyz/ HTTP 301
    https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c82uo0s8%3Afp%3A1912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A860%3Acn%3A2%3Adp%3A0%3Als%3A1243258878444%3Ahid%3A785719771%3Az%3A120%3Ai%3A20240417123853%3Aet%3A1713350333%3Ac%3A1%3Arn%3A154113652%3Arqn%3A1%3Au%3A1713350333233964207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1713350330171%3Ads%3A0%2C0%2C224%2C1%2C1451%2C0%2C%2C215%2C0%2C%2C%2C%2C1893%3Awv%3A2%3Aco%3A0%3Ast%3A1713350333&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c82uo0s8%3Afp%3A1912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A860%3Acn%3A2%3Adp%3A0%3Als%3A1243258878444%3Ahid%3A785719771%3Az%3A120%3Ai%3A20240417123853%3Aet%3A1713350333%3Ac%3A1%3Arn%3A154113652%3Arqn%3A1%3Au%3A1713350333233964207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1713350330171%3Ads%3A0%2C0%2C224%2C1%2C1451%2C0%2C%2C215%2C0%2C%2C%2C%2C1893%3Awv%3A2%3Aco%3A0%3Ast%3A1713350333&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ti%282%29&redirnss=1
Request Chain 32
  • https://mc.yandex.ru/watch/93209010?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c82uo0s8%3Afp%3A1912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A811413280468%3Ahid%3A785719771%3Az%3A120%3Ai%3A20240417123853%3Aet%3A1713350333%3Ac%3A1%3Arn%3A880420105%3Arqn%3A1%3Au%3A1713350333233964207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1713350330171%3Ads%3A0%2C0%2C224%2C1%2C1451%2C0%2C%2C215%2C0%2C%2C%2C%2C1893%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1713350333%3At%3A5G%E5%BD%B1%E9%99%A2%20-%20%E5%A4%A9%E5%A4%A95g%E5%A4%A9%E5%A4%A9%E7%88%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/93209010/1?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c82uo0s8%3Afp%3A1912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A811413280468%3Ahid%3A785719771%3Az%3A120%3Ai%3A20240417123853%3Aet%3A1713350333%3Ac%3A1%3Arn%3A880420105%3Arqn%3A1%3Au%3A1713350333233964207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1713350330171%3Ads%3A0%2C0%2C224%2C1%2C1451%2C0%2C%2C215%2C0%2C%2C%2C%2C1893%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1713350333%3At%3A5G%E5%BD%B1%E9%99%A2%20-%20%E5%A4%A9%E5%A4%A95g%E5%A4%A9%E5%A4%A9%E7%88%BD&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29&redirnss=1
Request Chain 34
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10342.Lgpr-YzHcYuU_8zRCvvBUBIC9FAOjZnqn2IIQWJNHFTLY7AjqY42N3cz_e0Z0vlo.WltfNa2ID7sWUvc41WmhPR9-VDs%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10342.ta4CPzpuc7_M7izU9lhseN4osuuMAg7xVprALhFUa8Ueh12FuIJHViCU2N4WaAI_90D3PAo37dxY0kKRf1F8WdrIrItitiQTLZaHVKg1QicQlDZ5XVPIxTb3oIimZkQfecvlvBqMGoUVitr_ROC4NqoSz4H-C3WOxf1Zr0qoWNWKdhrTVZNykGSUcTswtB_z5eiKZ8gf7O3u-3E6cpvcyvIf-rdY-s64RHJys_1LcKM%2C.yBnLnViDSs227ofU5D5RhHoxNGw%2C

37 HTTP transactions

Resource | Path | Size | x-fer | Type
/ | Path: ndvsay.xyz/ | Size: 2 KB | x-fer: 1 KB | Type: Document
General
Full URL
https://ndvsay.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.16.62.51, United States, ASN40065 (CNSERVERS, US)
Software
openresty
Resource Hash
7e8048c022836462a6c4c85e2db090dfa21c4513863183cf28c10c2831922ebc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 10:38:22 GMT
etag
W/"65ea108c-62b"
last-modified
Thu, 07 Mar 2024 19:07:56 GMT
server
openresty
vary
Accept-Encoding
favicon.ico | Path: ndvsay.xyz/ | Size: 552 B | x-fer: 652 B | Type: Other
General
Full URL
https://ndvsay.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.16.62.51, United States, ASN40065 (CNSERVERS, US)
Software
openresty
Resource Hash
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ndvsay.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 17 Apr 2024 10:38:22 GMT
server
openresty
content-length
552
content-type
text/html; charset=utf-8
Primary Request index.html | Path: d3nitg.a3tmjy.xyz/ | Size: 54 KB | x-fer: 17 KB | Type: Document
Redirect Chain
  • https://ndvsay.xyz/?key=ok
  • https://yese1h.xyz/
  • https://d3nitg.a3tmjy.xyz/
  • https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
General
Full URL
https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Requested by
Host: ndvsay.xyz
URL: https://ndvsay.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.153.13, United States, ASN40065 (CNSERVERS, US)
Software
openresty
Resource Hash
df35b14790e899915a584ec04cac4eb7943227d0c39a2013b1dc64b4dac22f30
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ndvsay.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 10:38:51 GMT
etag
W/"661f5dce-d741"
last-modified
Wed, 17 Apr 2024 05:27:42 GMT
server
openresty
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-origin
*
content-length
166
content-type
text/html
date
Wed, 17 Apr 2024 10:38:51 GMT
location
https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
server
openresty
x-frame-options
SAMEORIGIN
mz.js | Path: d3nitg.a3tmjy.xyz/ | Size: 1 KB | x-fer: 863 B | Type: Script
General
Full URL
https://d3nitg.a3tmjy.xyz/mz.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.153.13, United States, ASN40065 (CNSERVERS, US)
Software
openresty
Resource Hash
7b887606ac2110ba7fbde27b9ae308f4a48ec374bb18fb1af9d5bb5112b6557c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:51 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2024 09:35:43 GMT
server
openresty
etag
W/"661f97ef-5c9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
style.css | Path: gzprknyf.hebeimanlong.com/ | Size: 22 KB | x-fer: 6 KB | Type: Stylesheet
General
Full URL
https://gzprknyf.hebeimanlong.com/style.css
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.52 (no geolocation or ASN data)
Software
openresty
Resource Hash
de3753c83ac0a14ade2bffe0d5582102bacdbacf6ceba42edfa10766f61e8d27

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 04:03:16 GMT
server
openresty
etag
W/"65f3c884-58b0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
5gt02.gif | Path: plgku.86398ti.buzz/ | Size: 20 KB | x-fer: 20 KB | Type: Image
General
Full URL
https://plgku.86398ti.buzz:8443/5gt02.gif
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.52 (no geolocation or ASN data)
Software
openresty
Resource Hash
f90ec5faccbc9f736164903a896809004652a7604b9585ab11142321710e9610

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
last-modified
Fri, 15 Mar 2024 04:03:16 GMT
server
openresty
etag
"65f3c884-4e54"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
20052
c614a1191eb4876ea4c7834e88d3cd09.webp.js | Path: 5gixb.xyz/pic/ | Size: 57 KB | x-fer: 57 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/c614a1191eb4876ea4c7834e88d3cd09.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
631dfa2aff55c685075134fd83a428940e2f6c8300eef7eb609e14faaa0862c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 13:01:02 GMT
server
openresty
etag
W/"6619308e-e226"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
2365990894c82007a9beaf52f0dbfe17.webp.js | Path: 5gixb.xyz/pic/ | Size: 46 KB | x-fer: 47 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/2365990894c82007a9beaf52f0dbfe17.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
dd5206923b7de376efb5eb3186659069fc725a8758bb50175dba45166c84008c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 13:01:02 GMT
server
openresty
etag
W/"6619308e-b90c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
6ceff71a7372bfa6595c3a8460187587.webp.js | Path: 5gixb.xyz/pic/ | Size: 35 KB | x-fer: 36 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/6ceff71a7372bfa6595c3a8460187587.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
8c320056835648da7feef38b1a4b065e092f97873c89dd1963f516acd2391ad4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Apr 2024 02:58:46 GMT
server
openresty
etag
W/"6614aee6-8db0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
2fc20bc1e43ecdfb4631abcf38bb10c4.webp.js | Path: 5gixb.xyz/pic/ | Size: 57 KB | x-fer: 58 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/2fc20bc1e43ecdfb4631abcf38bb10c4.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
0fc18cd17246813f54805ac6f198489a4c8558dc66e40f5ea8467c02305388aa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 13:01:02 GMT
server
openresty
etag
W/"6619308e-e568"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
aa1751a97f361f443e8b441dd00e9003.webp.js | Path: 5gixb.xyz/pic/ | Size: 36 KB | x-fer: 37 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/aa1751a97f361f443e8b441dd00e9003.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
fa81b9c5210bd8b398fe3148529135380e62d262d9e892ab0f1b5f61c9c6c057
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Apr 2024 02:58:44 GMT
server
openresty
etag
W/"6614aee4-91fc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
0e48fee9ce6a3e8aeac02ed10c5db6b1.webp.js | Path: 5gixb.xyz/pic/ | Size: 38 KB | x-fer: 38 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/0e48fee9ce6a3e8aeac02ed10c5db6b1.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
e41f105ef73060340323a946db6e897b36f3d0b24690e538737afc3b5accebc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 13:01:02 GMT
server
openresty
etag
W/"6619308e-989a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
db34d1c1a8ef57a66ff095f5361a8cc5.webp.js | Path: 5gixb.xyz/pic/ | Size: 37 KB | x-fer: 37 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/db34d1c1a8ef57a66ff095f5361a8cc5.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
79c66cbb6df2ab4df8221ee36bef2df563b12280c3b1b605a7272f532eb930e7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 12:26:50 GMT
server
openresty
etag
W/"66113f8a-921c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
677f0c63ef36a8885c68e55434df2701.webp.js | Path: 5gixb.xyz/pic/ | Size: 37 KB | x-fer: 37 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/677f0c63ef36a8885c68e55434df2701.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
1fbd16e4e359ccde3ba5483e0badda6d488160843cc16de7072d7288dd23d681
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Apr 2024 02:58:48 GMT
server
openresty
etag
W/"6614aee8-93b8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
3a808e9484ed4358b95f86a7edae8637.webp.js | Path: 5gixb.xyz/pic/ | Size: 42 KB | x-fer: 42 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/3a808e9484ed4358b95f86a7edae8637.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
9fb3c06e2c8d263502715a84ad7bb96902970087fbda902ec537ea2eb5bc02c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Sun, 14 Apr 2024 03:11:56 GMT
server
openresty
etag
W/"661b497c-a8f4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
1f93bb72e43236339b56da4821a7356a.webp.js | Path: 5gixb.xyz/pic/ | Size: 35 KB | x-fer: 36 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/1f93bb72e43236339b56da4821a7356a.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
599197ce00d3a4e1c5e11c41052e4a62eb31ae04d9f25e504d3db6ad0413dfe4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Apr 2024 03:17:35 GMT
server
openresty
etag
W/"6617564f-8da4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
95069969686c651e42828bcef7ac7753.webp.js | Path: 5gixb.xyz/pic/ | Size: 58 KB | x-fer: 59 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/95069969686c651e42828bcef7ac7753.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
754e869d34858ac5cfac977f645ba39697cc2028bba799a4446ae1f866756081
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Sun, 14 Apr 2024 03:11:55 GMT
server
openresty
etag
W/"661b497b-e9da"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
4582a3d186ea81387809f7cd65368c3a.webp.js | Path: 5gixb.xyz/pic/ | Size: 51 KB | x-fer: 51 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/4582a3d186ea81387809f7cd65368c3a.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
f0434618db6075d80d692f6117ff1c2ab62fcc4e89eee3da6680700113f3f18d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Sun, 14 Apr 2024 03:11:55 GMT
server
openresty
etag
W/"661b497b-cb90"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
03cac161782d8b0a007bad83455ec71b.webp.js | Path: 5gixb.xyz/pic/ | Size: 29 KB | x-fer: 30 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/03cac161782d8b0a007bad83455ec71b.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
93438ec3d0c3de7dbd47638847fe68d58fecac904e38510d3af8c27bbf52a832
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Sat, 06 Apr 2024 07:19:03 GMT
server
openresty
etag
W/"6610f767-753a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
d35d3f1e3fa69fa3020e6235abc77e1d.webp.js | Path: 5gixb.xyz/pic/ | Size: 34 KB | x-fer: 34 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/d35d3f1e3fa69fa3020e6235abc77e1d.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
acde360b2f3f6f0706a58d033b918dd3e75cefc82706926debc5205a60b79a8e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Apr 2024 02:58:44 GMT
server
openresty
etag
W/"6614aee4-875c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
ae94ea139a7ec3fc6f26a93974769f06.webp.js | Path: 5gixb.xyz/pic/ | Size: 21 KB | x-fer: 22 KB | Type: Image
General
Full URL
https://5gixb.xyz:1443/pic/ae94ea139a7ec3fc6f26a93974769f06.webp.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.37 (no geolocation or ASN data)
Software
openresty
Resource Hash
28e1c1a9e7e3ceb73e85a76bc4e0e695367a97ca6a7b638cd5131de6550a2554
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Sun, 07 Apr 2024 03:05:17 GMT
server
openresty
etag
W/"66120d6d-55ae"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
tag.js | Path: gzprknyf.hebeimanlong.com/ | Size: 206 KB | x-fer: 90 KB | Type: Script
General
Full URL
https://gzprknyf.hebeimanlong.com/tag.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.52 (no geolocation or ASN data)
Software
openresty
Resource Hash
10ec92cd7f762ddfb9a98f616099bf3b024a2e8cb8926d3891cf4e399ba77913

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 04:03:16 GMT
server
openresty
etag
W/"65f3c884-3372a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
video.min.js | Path: st.86398ti.buzz/ | Size: 0 (no body captured; the resource hash below is the SHA-256 of empty input) | x-fer: 162 KB | Type: Other
General
Full URL
https://st.86398ti.buzz:8443/video.min.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.52 (no geolocation or ASN data)
Software
openresty
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 04:02:01 GMT
server
openresty
etag
W/"65f3c839-7eac7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
video-js.min.css | Path: st.86398ti.buzz/ | Size: 0 (no body captured; the resource hash below is the SHA-256 of empty input) | x-fer: 12 KB | Type: Other
General
Full URL
https://st.86398ti.buzz:8443/video-js.min.css
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.52 (no geolocation or ASN data)
Software
openresty
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 04:02:01 GMT
server
openresty
etag
W/"65f3c839-c27d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
ksjdfhaksjdfhaskjdfhaskjdfhsdk5646.gif.js
zbb.bbb.zbef4s.net/
47 KB
46 KB
Image
General
Full URL
https://zbb.bbb.zbef4s.net/ksjdfhaksjdfhaskjdfhaskjdfhsdk5646.gif.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.112.98
Reverse DNS
Software
openresty
Resource Hash
2ec7a90ee90586408102d79ce6c8377a26af5da780771d441f60e8aa6b646a29

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2024 05:27:53 GMT
server
openresty
etag
W/"661f5dd9-bd99"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
58_0158_600200_live_.gif.js
zbb.bbb.t59mtdv.com/
63 KB
61 KB
Image
General
Full URL
https://zbb.bbb.t59mtdv.com/58_0158_600200_live_.gif.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.112.99
Reverse DNS
Software
openresty
Resource Hash
9b28b27c1f86c7d156cf68c113001940c906542661f30599c23c9666d7c4d282

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Jan 2024 12:50:01 GMT
server
openresty
etag
W/"6592b4f9-fd20"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
1xmcmzx5ghfdingq115f814.gif.js
zbb.bbb.veykepd.com/
80 KB
79 KB
Image
General
Full URL
https://zbb.bbb.veykepd.com/1xmcmzx5ghfdingq115f814.gif.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.112.98
Reverse DNS
Software
openresty
Resource Hash
973f615e927bc7d190d82470685eb2512ea540e9286cce734e81ed63384aac35

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:53 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2024 09:33:36 GMT
server
openresty
etag
W/"661f9770-14078"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
greagrgweherhherhyreyearregere25633533.gif.js
zbb.bbb.zbef4s.net/
82 KB
80 KB
Image
General
Full URL
https://zbb.bbb.zbef4s.net/greagrgweherhherhyreyearregere25633533.gif.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.112.98
Reverse DNS
Software
openresty
Resource Hash
a4b802ee8b293c0b88c29f9c0cc8e4886d9178b9836ae805610ac93d7949c225

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Mon, 08 Apr 2024 10:50:32 GMT
server
openresty
etag
W/"6613cbf8-147aa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
JS-B-WL-0416-4.gif.js
v1imvvfc356.salantool.com/exp/
115 KB
114 KB
Image
General
Full URL
https://v1imvvfc356.salantool.com/exp/JS-B-WL-0416-4.gif.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.52
Reverse DNS
Software
openresty
Resource Hash
55c232c141b72c8ef0ca0bd8137eede360599e58bcc4a63ad1adf6434b99ad55

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:53 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 09:15:54 GMT
server
openresty
etag
W/"661e41ca-1cc21"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
0910hf-960*200.gif.js
zbb.bbb.t59mtdv.com/
135 KB
135 KB
Image
General
Full URL
https://zbb.bbb.t59mtdv.com/0910hf-960*200.gif.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.112.99
Reverse DNS
Software
openresty
Resource Hash
60b003384febcac850d7076e5ca290e8fdc8cb4ab9a1e0f19fa87c628554aa44

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:52 GMT
content-encoding
gzip
last-modified
Mon, 26 Feb 2024 04:10:05 GMT
server
openresty
etag
W/"65dc0f1d-21b9d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
oh0Pneg4vN.gif
ow98o.sbs/
11 KB
11 KB
Image
General
Full URL
https://ow98o.sbs/oh0Pneg4vN.gif
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.224.202.141
Reverse DNS
Software
openresty
Resource Hash
4964a4d4457afacdbaa674b648147ae1b9af69e1b8f910b1e59755d4b2f6213c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:38 GMT
content-encoding
gzip
last-modified
Sun, 21 Jan 2024 07:06:42 GMT
server
openresty
etag
W/"65acc282-2a1f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
xcrgcmzx1yst1.jpeg.js
zbb.bbb.veykepd.com/
4 KB
4 KB
Image
General
Full URL
https://zbb.bbb.veykepd.com/xcrgcmzx1yst1.jpeg.js
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.225.112.98
Reverse DNS
Software
openresty
Resource Hash
29e6f120f2b75a2d850d73b5ce40ef40a3f862105ca64e07501347004ece1148

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:53 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 12:53:59 GMT
server
openresty
etag
W/"660ea2e7-f02"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf...
284 B
320 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c82uo0s8%3Afp%3A1912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A860%3Acn%3A2%3Adp%3A0%3Als%3A1243258878444%3Ahid%3A785719771%3Az%3A120%3Ai%3A20240417123853%3Aet%3A1713350333%3Ac%3A1%3Arn%3A154113652%3Arqn%3A1%3Au%3A1713350333233964207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1713350330171%3Ads%3A0%2C0%2C224%2C1%2C1451%2C0%2C%2C215%2C0%2C%2C%2C%2C1893%3Awv%3A2%3Aco%3A0%3Ast%3A1713350333&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ti%282%29&redirnss=1
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Server
2a02:6b8::1:119
Reverse DNS
Software
Resource Hash
3c1c293e1996691b9f4ab480fc0a0cf4562d910b2c861ed54f77cc89e7133c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d3nitg.a3tmjy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 10:38:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 17-Apr-2024 10:38:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://d3nitg.a3tmjy.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
284
x-xss-protection
1; mode=block
expires
Wed, 17-Apr-2024 10:38:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Apr 2024 10:38:53 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 17-Apr-2024 10:38:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c82uo0s8%3Afp%3A1912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A860%3Acn%3A2%3Adp%3A0%3Als%3A1243258878444%3Ahid%3A785719771%3Az%3A120%3Ai%3A20240417123853%3Aet%3A1713350333%3Ac%3A1%3Arn%3A154113652%3Arqn%3A1%3Au%3A1713350333233964207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1713350330171%3Ads%3A0%2C0%2C224%2C1%2C1451%2C0%2C%2C215%2C0%2C%2C%2C%2C1893%3Awv%3A2%3Aco%3A0%3Ast%3A1713350333&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ti%282%29&redirnss=1
access-control-allow-origin
https://d3nitg.a3tmjy.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 17-Apr-2024 10:38:53 GMT
1
mc.yandex.ru/watch/93209010/
Redirect Chain
  • https://mc.yandex.ru/watch/93209010?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14...
  • https://mc.yandex.ru/watch/93209010/1?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A...
455 B
547 B
XHR
General
Full URL
https://mc.yandex.ru/watch/93209010/1?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c82uo0s8%3Afp%3A1912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A811413280468%3Ahid%3A785719771%3Az%3A120%3Ai%3A20240417123853%3Aet%3A1713350333%3Ac%3A1%3Arn%3A880420105%3Arqn%3A1%3Au%3A1713350333233964207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1713350330171%3Ads%3A0%2C0%2C224%2C1%2C1451%2C0%2C%2C215%2C0%2C%2C%2C%2C1893%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1713350333%3At%3A5G%E5%BD%B1%E9%99%A2%20-%20%E5%A4%A9%E5%A4%A95g%E5%A4%A9%E5%A4%A9%E7%88%BD&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29&redirnss=1
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Server
2a02:6b8::1:119
Reverse DNS
Software
Resource Hash
24e39c5b17fd3bf121504fd43a0e6cff72917217581b30d40bedefad9837aed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d3nitg.a3tmjy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 10:38:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 17-Apr-2024 10:38:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://d3nitg.a3tmjy.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
455
x-xss-protection
1; mode=block
expires
Wed, 17-Apr-2024 10:38:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Apr 2024 10:38:53 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 17-Apr-2024 10:38:53 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/93209010/1?wmode=7&page-url=https%3A%2F%2Fd3nitg.a3tmjy.xyz%2Findex.html%3Fdwtjmf%3D0l7e2&page-ref=https%3A%2F%2Fndvsay.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c82uo0s8%3Afp%3A1912%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A811413280468%3Ahid%3A785719771%3Az%3A120%3Ai%3A20240417123853%3Aet%3A1713350333%3Ac%3A1%3Arn%3A880420105%3Arqn%3A1%3Au%3A1713350333233964207%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1713350330171%3Ads%3A0%2C0%2C224%2C1%2C1451%2C0%2C%2C215%2C0%2C%2C%2C%2C1893%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1713350333%3At%3A5G%E5%BD%B1%E9%99%A2%20-%20%E5%A4%A9%E5%A4%A95g%E5%A4%A9%E5%A4%A9%E7%88%BD&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29&redirnss=1
access-control-allow-origin
https://d3nitg.a3tmjy.xyz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 17-Apr-2024 10:38:53 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
1 KB
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119
Reverse DNS
Software
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:53 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 11 Apr 2024 11:01:32 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6617c30c-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 17 Apr 2024 11:38:53 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10342.Lgpr-YzHcYuU_8zRCvvBUBIC9FAOjZnqn2IIQWJNHFTLY7AjqY42N3cz_e0Z0vlo.WltfNa2ID7sWUvc41WmhPR9-VDs%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10342.ta4CPzpuc7_M7izU9lhseN4osuuMAg7xVprALhFUa8Ueh12FuIJHViCU2N4WaAI_90D3PAo37dxY0kKRf1F8WdrIrItitiQTLZaHVKg1QicQlDZ5XVPIxTb3oIimZkQfecvlvBqM...
43 B
504 B
Image
General
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=10342.ta4CPzpuc7_M7izU9lhseN4osuuMAg7xVprALhFUa8Ueh12FuIJHViCU2N4WaAI_90D3PAo37dxY0kKRf1F8WdrIrItitiQTLZaHVKg1QicQlDZ5XVPIxTb3oIimZkQfecvlvBqMGoUVitr_ROC4NqoSz4H-C3WOxf1Zr0qoWNWKdhrTVZNykGSUcTswtB_z5eiKZ8gf7O3u-3E6cpvcyvIf-rdY-s64RHJys_1LcKM%2C.yBnLnViDSs227ofU5D5RhHoxNGw%2C
Requested by
Host: d3nitg.a3tmjy.xyz
URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Protocol
H2
Server
2a02:6b8::1:119
Reverse DNS
Software
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d3nitg.a3tmjy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Apr 2024 10:38:53 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=10342.ta4CPzpuc7_M7izU9lhseN4osuuMAg7xVprALhFUa8Ueh12FuIJHViCU2N4WaAI_90D3PAo37dxY0kKRf1F8WdrIrItitiQTLZaHVKg1QicQlDZ5XVPIxTb3oIimZkQfecvlvBqMGoUVitr_ROC4NqoSz4H-C3WOxf1Zr0qoWNWKdhrTVZNykGSUcTswtB_z5eiKZ8gf7O3u-3E6cpvcyvIf-rdY-s64RHJys_1LcKM%2C.yBnLnViDSs227ofU5D5RhHoxNGw%2C
date
Wed, 17 Apr 2024 10:38:53 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
favicon-32x32.png
gzprknyf.hebeimanlong.com/
2 KB
3 KB
Other
General
Full URL
https://gzprknyf.hebeimanlong.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.247.125.52
Reverse DNS
Software
openresty
Resource Hash
8b6ef61769111e815278c6962f8d33b2dab924b5670b9d18feb56d6d6f658792

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://d3nitg.a3tmjy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:38:54 GMT
last-modified
Fri, 15 Mar 2024 04:03:16 GMT
server
openresty
etag
"65f3c884-988"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
2440

Verdicts & Comments

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
string pazz1
string yzza2
string zfea3
string ssaa4
string hgzz5
string nqzz6
string qwoe7
string cczz8
string zjzaq9
string fqfxx10
string cssam11
string q882112
string iuujc13
string qq34s14
string ivccc15
string n667a16
string na12a17
string mnnaq18
string kkzwa19
function ym
string pageTitle
string shareUrl
object parts1
string result1
string s
function closePost
undefined test

0 Cookies

52 Console Messages

Source Level URL
Text
network error URL: https://ndvsay.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://d3nitg.a3tmjy.xyz/index.html?dwtjmf=0l7e2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
(this identical warning accounts for the remaining 51 of the 52 console messages, all from the same URL)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
