Submitted URL: http://zaqwers-2.xyz/iksjdb
Effective URL: https://zaqwers-3.xyz/?s1=cth1
Submission: On June 01 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 5 countries across 7 domains to perform 15 HTTP transactions. The main IP is 2a0d:c580:1:3:87::1, located in Russian Federation and belongs to ASKONTEL, RU. The main domain is zaqwers-3.xyz.
TLS certificate: Issued by R3 on April 21st 2024. Valid for: 3 months.
This is the only time zaqwers-3.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 46.8.19.202 204490 (ASKONTEL)
8 2a0d:c580:1:3... 204490 (ASKONTEL)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
15 5
Apex Domain | Subdomains | Transfer
8 zaqwers-3.xyz | zaqwers-3.xyz | 589 KB
2 zaqwers-2.xyz | zaqwers-2.xyz | 22 KB
1 facebook.com | www.facebook.com — Cisco Umbrella Rank: 101 | 2 KB
1 svntrk.com | svntrk.com — Cisco Umbrella Rank: 621009 | 517 B
0 google.com | accounts.google.com — Cisco Umbrella Rank: 20 | Failed
0 pornhub.org | de.pornhub.org — Cisco Umbrella Rank: 120673 | Failed
0 xvideos.com | www.xvideos.com | Failed
15 7
Domain Requested by
8 zaqwers-3.xyz zaqwers-3.xyz
2 zaqwers-2.xyz
1 www.facebook.com zaqwers-3.xyz
1 svntrk.com zaqwers-3.xyz
0 accounts.google.com Failed
0 de.pornhub.org Failed
0 www.xvideos.com Failed zaqwers-3.xyz
15 7

This site contains no links.

Subject | Issuer | Validity | Valid
zaqwers-2.xyz | zaqwers-2.xyz | 2024-05-19 - 2025-05-18 | a year
www.zaqwers-3.xyz | R3 | 2024-04-21 - 2024-07-20 | 3 months
svntrk.com | Cloudflare Inc ECC CA-3 | 2023-12-28 - 2024-12-27 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-03-11 - 2024-06-09 | 3 months

This page contains 1 frames:

Primary Page: https://zaqwers-3.xyz/?s1=cth1
Frame ID: 39C6047F8A2D36D3822BCF00B2E77F2D
Requests: 15 HTTP requests in this frame

Page Title

Punish her

Page Statistics

Requests: 15
HTTPS: 67 %
IPv6: 50 %
Domains: 7
Subdomains: 7
IPs: 5
Countries: 5
Transfer: 614 kB
Size: 607 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zaqwers-2.xyz/iksjdb HTTP 307
    https://zaqwers-2.xyz/iksjdb Page URL
  2. http://zaqwers-3.xyz/?s1=cth1 HTTP 307
    https://zaqwers-3.xyz/?s1=cth1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://zaqwers-2.xyz/iksjdb HTTP 307
  • https://zaqwers-2.xyz/iksjdb
Request Chain 10
  • https://pornhub.com/video/manage?o=mr&t=pr2 HTTP 301
  • https://www.pornhub.com/video/manage?o=mr&t=pr2 HTTP 302
  • https://de.pornhub.org/video/manage?o=mr&t=pr2 HTTP 302
  • https://de.pornhub.org/login
Request Chain 11
  • https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP 302
  • https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AS5LTAR8YCN6nwEbqeDvdO_jgrkYbZXQ145f-1n-kcX8W_1jYVeGhXPGvW75-PPY-dHk8C7gGPvoAQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AS5LTAR9sHCo0MPf4IbRzlYX8c_D0Eg1XHex7oLTfjVXfXykArV0npWcOdSgD2G_Ewp0x2YqNAYfCQ&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1359766623%3A1717282458644514&ddm=0

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
iksjdb
zaqwers-2.xyz/
Redirect Chain
  • http://zaqwers-2.xyz/iksjdb
  • https://zaqwers-2.xyz/iksjdb
21 KB
21 KB
Document
General
Full URL
https://zaqwers-2.xyz/iksjdb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.8.19.202 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 / PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Jun 2024 22:54:16 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.20.2
Strict-Transport-Security
max-age=31536000;
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.33
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://zaqwers-2.xyz/iksjdb
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
zaqwers-3.xyz/
Redirect Chain
  • http://zaqwers-3.xyz/?s1=cth1
  • https://zaqwers-3.xyz/?s1=cth1
6 KB
7 KB
Document
General
Full URL
https://zaqwers-3.xyz/?s1=cth1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3:87::1 , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
ed3f284f0a274cf0b767f3400f8883339228c1071f35a568a45d7d4753d627ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://zaqwers-2.xyz/iksjdb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 Jun 2024 22:54:16 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=31536000;
Transfer-Encoding
chunked
cache-control
private, must-revalidate
expires
-1
pragma
no-cache

Redirect headers

Location
https://zaqwers-3.xyz/?s1=cth1
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
zaqwers-2.xyz/
564 B
808 B
Other
General
Full URL
https://zaqwers-2.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.8.19.202 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 / PHP/7.4.33
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-2.xyz/iksjdb
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 22:54:16 GMT
Server
nginx/1.20.2
Connection
keep-alive
X-Powered-By
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
cth1_665ba698cd48d.js
svntrk.com/assets/
0
517 B
Script
General
Full URL
https://svntrk.com/assets/cth1_665ba698cd48d.js
Requested by
Host: zaqwers-3.xyz
URL: https://zaqwers-3.xyz/?s1=cth1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-3.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 22:54:17 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wmo%2B97da%2BbukXvHAUJtAvvRF4xBVxUrNtPPe6%2BskOJB2wA0Cc4ScoeH94r2XrG%2Fnudbf%2FNIrUSpB%2B%2Bgq%2Bwb72tJv8aABb1Y%2Bgjj2y9BFMqIO6qtbSgq7NQA%2BZb4K"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
88d2c8dc1f283605-FRA
alt-svc
h3=":443"; ma=86400
fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
zaqwers-3.xyz/scripts/
39 KB
39 KB
Script
General
Full URL
https://zaqwers-3.xyz/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
Requested by
Host: zaqwers-3.xyz
URL: https://zaqwers-3.xyz/?s1=cth1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3:87::1 , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-3.xyz/?s1=cth1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 22:54:17 GMT
Strict-Transport-Security
max-age=31536000;
last-modified
Tue, 09 Apr 2024 11:06:23 GMT
Server
nginx/1.20.2
etag
"6615212f-9ca8"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
accept-ranges
bytes
Content-Length
40104
vendor.385b113642131292f90332a42c514783.css
zaqwers-3.xyz/landings/70/fonts/
10 KB
10 KB
Stylesheet
General
Full URL
https://zaqwers-3.xyz/landings/70/fonts/vendor.385b113642131292f90332a42c514783.css
Requested by
Host: zaqwers-3.xyz
URL: https://zaqwers-3.xyz/?s1=cth1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3:87::1 , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
8399abab9213355fd700f93643f96de62de5c4683bf25709b2b3770ef9a7d229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-3.xyz/?s1=cth1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 22:54:17 GMT
Strict-Transport-Security
max-age=31536000;
last-modified
Tue, 09 Apr 2024 11:06:22 GMT
Server
nginx/1.20.2
etag
"6615212e-27dc"
Content-Type
text/css
Connection
keep-alive
accept-ranges
bytes
Content-Length
10204
vendor.c646da3c88b8155a753aeef51880893f.js
zaqwers-3.xyz/landings/70/js/
91 KB
92 KB
Script
General
Full URL
https://zaqwers-3.xyz/landings/70/js/vendor.c646da3c88b8155a753aeef51880893f.js
Requested by
Host: zaqwers-3.xyz
URL: https://zaqwers-3.xyz/?s1=cth1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3:87::1 , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
a58da45b28f71ef9815097a0eee0d846978d8ec34b8648edf35dd51711e78c62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-3.xyz/?s1=cth1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 22:54:17 GMT
Strict-Transport-Security
max-age=31536000;
last-modified
Tue, 09 Apr 2024 11:06:22 GMT
Server
nginx/1.20.2
etag
"6615212e-16d8e"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
accept-ranges
bytes
Content-Length
93582
image%209.jpg
zaqwers-3.xyz/landings/70/img/
52 KB
53 KB
Image
General
Full URL
https://zaqwers-3.xyz/landings/70/img/image%209.jpg
Requested by
Host: zaqwers-3.xyz
URL: https://zaqwers-3.xyz/landings/70/fonts/vendor.385b113642131292f90332a42c514783.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3:87::1 , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
1ac651d8abf5512346bd681ed0267eb4ebf7ce53144bfafc23a92198bb2e7eb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-3.xyz/landings/70/fonts/vendor.385b113642131292f90332a42c514783.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 22:54:18 GMT
Strict-Transport-Security
max-age=31536000;
last-modified
Tue, 09 Apr 2024 11:06:22 GMT
Server
nginx/1.20.2
etag
"6615212e-d1b3"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
53683
Montserrat-Regular.ttf
zaqwers-3.xyz/landings/70/fonts/
193 KB
194 KB
Font
General
Full URL
https://zaqwers-3.xyz/landings/70/fonts/Montserrat-Regular.ttf
Requested by
Host: zaqwers-3.xyz
URL: https://zaqwers-3.xyz/landings/70/fonts/vendor.385b113642131292f90332a42c514783.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3:87::1 , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
dcfe8df29e553fbd655212f94300cb1e704c6cd147fa7a98cb4bcd9eb92c6707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-3.xyz/landings/70/fonts/vendor.385b113642131292f90332a42c514783.css
Origin
https://zaqwers-3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 22:54:18 GMT
Strict-Transport-Security
max-age=31536000;
last-modified
Tue, 09 Apr 2024 11:06:22 GMT
Server
nginx/1.20.2
etag
"6615212e-30558"
Content-Type
application/octet-stream
Connection
keep-alive
accept-ranges
bytes
Content-Length
197976
Montserrat-Bold.ttf
zaqwers-3.xyz/landings/70/fonts/
193 KB
194 KB
Font
General
Full URL
https://zaqwers-3.xyz/landings/70/fonts/Montserrat-Bold.ttf
Requested by
Host: zaqwers-3.xyz
URL: https://zaqwers-3.xyz/landings/70/fonts/vendor.385b113642131292f90332a42c514783.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3:87::1 , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
189aeb285be99f0b58e454dd2dc3cbf34a6db844a9ef26ebc5909178ff77c5be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-3.xyz/landings/70/fonts/vendor.385b113642131292f90332a42c514783.css
Origin
https://zaqwers-3.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 22:54:18 GMT
Strict-Transport-Security
max-age=31536000;
last-modified
Tue, 09 Apr 2024 11:06:22 GMT
Server
nginx/1.20.2
etag
"6615212e-305b8"
Content-Type
application/octet-stream
Connection
keep-alive
accept-ranges
bytes
Content-Length
198072
mk_1123
www.xvideos.com/favorite/90902157/
0
0

login
de.pornhub.org/
Redirect Chain
  • https://pornhub.com/video/manage?o=mr&t=pr2
  • https://www.pornhub.com/video/manage?o=mr&t=pr2
  • https://de.pornhub.org/video/manage?o=mr&t=pr2
  • https://de.pornhub.org/login
0
0

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
  • https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
  • https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AS5LTAR8YCN6nwEbqeDvdO_jgrkYbZXQ145f-1n-kcX8W_1jYVe...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AS5LTAR9sHCo0MPf4IbRzlYX8c_D0Eg1X...
0
0

like.php
www.facebook.com/v14.0/plugins/
67 B
2 KB
Image
General
Full URL
https://www.facebook.com/v14.0/plugins/like.php
Requested by
Host: zaqwers-3.xyz
URL: https://zaqwers-3.xyz/?s1=cth1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
date
Sat, 01 Jun 2024 22:54:18 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
67
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2767, tp=-1, tpl=-1, uplat=103, ullat=0
pragma
no-cache
x-fb-debug
nnNazl7rq0EKpxsu1bHFc1UGkXzK9ELEFHCoEoLSTxm/rU50FDrrWkWNfsAJVNLRPxVPsoop2GvuaFf9t7RwWg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
zaqwers-3.xyz/
0
283 B
Other
General
Full URL
https://zaqwers-3.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3:87::1 , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zaqwers-3.xyz/?s1=cth1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 01 Jun 2024 22:54:18 GMT
Strict-Transport-Security
max-age=31536000;
last-modified
Tue, 09 Apr 2024 11:06:20 GMT
Server
nginx/1.20.2
etag
"6615212c-0"
Content-Type
image/x-icon
Connection
keep-alive
accept-ranges
bytes
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.xvideos.com
URL
https://www.xvideos.com/favorite/90902157/mk_1123
Domain
de.pornhub.org
URL
https://de.pornhub.org/login
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AS5LTAR9sHCo0MPf4IbRzlYX8c_D0Eg1XHex7oLTfjVXfXykArV0npWcOdSgD2G_Ewp0x2YqNAYfCQ&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1359766623%3A1717282458644514&ddm=0

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS
function| getScreenInfo
function| getUserAgent
function| getLanguages
function| x64Add
function| x64Multiply
function| x64Rotl
function| x64LeftShift
function| x64Xor
function| x64Fmix
function| x64hash128
function| picassoCanvas
function| picasso
function| getVideoCardInfo
function| deviceOrientationHandler
string| thirdParty
string| r
string| vl
object| fpPromise
undefined| ss
undefined| redirectURL
function| openPopup
function| clickButton
function| nextStep
function| getTimezone
function| $
function| jQuery
string| ce
boolean| sf

11 Cookies

Domain/Path Name / Value
www.pornhub.com/video Name: __s
Value: 665BA69A-42FE722901BBBDAE9-264AEED4
www.pornhub.com/video Name: __l
Value: 665BA69A-42FE722901BBBDAE9-264AEED4
de.pornhub.org/video Name: __s
Value: 665BA69A-42FE722901BB10A26-265A8638
de.pornhub.org/video Name: __l
Value: 665BA69A-42FE722901BB10A26-265A8638
zaqwers-2.xyz/ Name: 2fe559a92234ba695fbbdde4f6281116
Value: 1
zaqwers-3.xyz/ Name: XSRF-TOKEN
Value: eyJpdiI6IjU3dUVKM3lmQzRxdGxTMU05QWxIVEE9PSIsInZhbHVlIjoiN1loaVNTampoYVJHYnZvNmovdGtCdkp5OGNKSEJySys1Y240aFFHM2t3QVJTT3F4N3RTZG1YTGdiRUYzNWdYRSIsIm1hYyI6IjFjNTViYjJlZmE0YmYwNjRiMTVkOTYwNTk3ZDc4NDUzOTA4ZTE5OGY2OTZjZmRjMmY5NjcwNmNmYjY4NmY4YWYifQ%3D%3D
zaqwers-3.xyz/ Name: laravel_session
Value: eyJpdiI6IjJVQ3JUYis0VWsyWWFaeDR6Mk9aRmc9PSIsInZhbHVlIjoiN29XbkR5L0JXbTAwVWNyK1J2cTFhbFdHNjRERXU1VFdxWGY5NTN6RHpGOFNyblJER3dnVHRYN3FCd3ZIUW1KRSIsIm1hYyI6IjMzMjUzMTc4NDdiOWMxMzc1ZDA4MGE0ZmUyODRlOTA4NmU5YjQ3NjAzYWZmNzg1OGNlYTZjMDIxNjdkMTgyODgifQ%3D%3D
zaqwers-3.xyz/ Name: SRVNAME
Value: w2
svntrk.com/ Name: svnimp
Value: 665ba699b4770
de.pornhub.org/ Name: __s
Value: 665BA69A-42FE722901BB10A26-265A86BF
de.pornhub.org/ Name: __l
Value: 665BA69A-42FE722901BB10A26-265A86BF

8 Console Messages

Source Level URL
Text
network error URL: https://zaqwers-2.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://zaqwers-3.xyz/?s1=cth1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaqwers-3.xyz/?s1=cth1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaqwers-3.xyz/?s1=cth1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaqwers-3.xyz/?s1=cth1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaqwers-3.xyz/?s1=cth1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaqwers-3.xyz/?s1=cth1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://zaqwers-3.xyz/?s1=cth1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;