safety.9t89.xyz Open in urlscan Pro
77.247.126.221  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response safety.9t89.xyz/	12 KB 4 KB	562ms 177ms	Document text/html	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash 752f80a0721a523a015fe3ed669cd377a2c0b8876cd2f0648ac896a8b28d49e9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Thu, 04 Jul 2024 05:38:12 GMT etag W/"662cdb23-2f37" last-modified Sat, 27 Apr 2024 11:01:55 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	iconfont.css safety.9t89.xyz/font/	4 KB 1 KB	176ms 176ms	Stylesheet text/css	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/font/iconfont.css?v=111 Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash 1d5a19546b47227cac00ccca55e6b6282f4ae223e7dc084414371ccb6fbf0393 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 05:38:12 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag W/"662a2787-11b1" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Thu, 04 Jul 2024 17:38:12 GMT
GET H2	200	home_bg.342b00e4.jpg safety.9t89.xyz/img/	133 KB 133 KB	182ms 181ms	Image image/jpeg	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Show image Full URL https://safety.9t89.xyz/img/home_bg.342b00e4.jpg Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash 51b55cf6ac0fb3950b37e1a2d58c7376db7fd117227d99c0cd0de8be4f77d6dc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 05:38:13 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-21249" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 135753 expires Sat, 03 Aug 2024 05:38:13 GMT
GET H2	200	env.js Show response safety.9t89.xyz/	1 KB 807 B	534ms 533ms	Script application/javascript	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/env.js?a=1720071492991 Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash 0528968ed6d7a5bec9d284a8b621440b7e2c25eb7839e22d3e658b1d7cfbc2f5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 05:38:13 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 25 Apr 2024 13:22:16 GMT server nginx etag W/"662a5908-593" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Thu, 04 Jul 2024 17:38:13 GMT
GET H2	200	Baidu.png safety.9t89.xyz/img/safety/	99 KB 99 KB	533ms 533ms	Image image/png	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Show image Full URL https://safety.9t89.xyz/img/safety/Baidu.png Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash f60c8689cb172faea1e5e246d1415755a3b8f6f7b5f2ce0e00fe3f9c790e6162 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 05:38:13 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-18ca9" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 101545 expires Sat, 03 Aug 2024 05:38:13 GMT
GET H2	200	iconfont.woff2 safety.9t89.xyz/font/	14 KB 14 KB	524ms 523ms	Font font/woff2	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/font/iconfont.woff2?t=1691161820291 Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/font/iconfont.css?v=111 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash e7d3fbba3cb54f0a212fb93f4c0ad8d1eddb8080aa1a97300f39b5e3f3e5b8c0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/font/iconfont.css?v=111 Origin https://safety.9t89.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 05:38:13 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-37ac" content-type font/woff2 accept-ranges bytes content-length 14252
GET H2	200	add.ttf safety.9t89.xyz/	5 KB 5 KB	524ms 523ms	Font application/octet-stream	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/add.ttf Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/?version=1720071492993 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/ Origin https://safety.9t89.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 05:38:13 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-1218" content-type application/octet-stream accept-ranges bytes content-length 4632
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	877ms 365ms	Script application/javascript	111.45.11.83 CMNET-GUANGDONG-A...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?ffb1a68ad287606065a15c91547f4c4f Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/env.js?a=1720071492991 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN), Reverse DNS Software apache / Resource Hash b6d7d87cbb93158c1c04ebf240866e0dff3c13bd7fff618b2602984b0f4bf871 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 04 Jul 2024 05:38:14 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag e7a214e6e3944fec13103de50be5a5fe P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11253
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	343ms 343ms	Image image/gif	111.45.11.83 CMNET-GUANGDONG-A...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1099622737&si=ffb1a68ad287606065a15c91547f4c4f&v=1.3.0&lv=1&sn=39885&r=0&ww=1600&u=https%3A%2F%2Fsafety.9t89.xyz%2F%3Fversion%3D1720071492993&tt=%E5%AE%89%E5%85%A8%E6%A3%80%E6%9F%A5%E9%80%9A%E8%BF%87%EF%BC%8C%E8%AF%B7%E7%95%8C%E5%8F%8B%E6%94%BE%E5%BF%83%E6%B5%8F%E8%A7%88%EF%BC%8C%E6%84%9F%E8%B0%A2%E6%94%AF%E6%8C%81%EF%BC%81 Requested by Host: safety.9t89.xyz URL: https://safety.9t89.xyz/?version=1720071492993 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Thu, 04 Jul 2024 05:38:14 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H2	200	favicon.ico safety.9t89.xyz/	0 143 B	177ms 176ms	Other image/x-icon	77.247.126.221 Global ASN
General Check archive.org Show headers Download Go to Full URL https://safety.9t89.xyz/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.247.126.221 Los Angeles, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://safety.9t89.xyz/?version=1720071492993 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 05:38:15 GMT strict-transport-security max-age=31536000 last-modified Thu, 25 Apr 2024 09:51:03 GMT server nginx etag "662a2787-0" content-type image/x-icon accept-ranges bytes content-length 0

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| detectBrowser function| setHistoryFN function| updateHrefFn function| loadDynamicScript function| proceedAfterEnvLoaded string| jumpUrl1 string| jumpUrl2 string| jumpUrl3 string| jumpUrl4 string| autoJumpUrl number| time1 number| time2 function| loadBaiduTjFn function| loadBaiduJumpTjFn boolean| _bdhm_loaded_ffb1a68ad287606065a15c91547f4c4f object| _hmt object| mini_tangram_log_tgwjyw

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 07:23:51	Name: HMACCOUNT_BFESS Value: 9C894D83FEC39E7E
			.safety.9t89.xyz/	1970-01-21 06:33:27	Name: Hm_lvt_ffb1a68ad287606065a15c91547f4c4f Value: 1720071495
			.safety.9t89.xyz/	1969-12-31 23:59:59	Name: Hm_lpvt_ffb1a68ad287606065a15c91547f4c4f Value: 1720071495

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
safety.9t89.xyz
111.45.11.83
77.247.126.221
0528968ed6d7a5bec9d284a8b621440b7e2c25eb7839e22d3e658b1d7cfbc2f5
1d5a19546b47227cac00ccca55e6b6282f4ae223e7dc084414371ccb6fbf0393
51b55cf6ac0fb3950b37e1a2d58c7376db7fd117227d99c0cd0de8be4f77d6dc
752f80a0721a523a015fe3ed669cd377a2c0b8876cd2f0648ac896a8b28d49e9
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd
b6d7d87cbb93158c1c04ebf240866e0dff3c13bd7fff618b2602984b0f4bf871
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d3fbba3cb54f0a212fb93f4c0ad8d1eddb8080aa1a97300f39b5e3f3e5b8c0
f60c8689cb172faea1e5e246d1415755a3b8f6f7b5f2ce0e00fe3f9c790e6162