urlscan.io logo urlscan.io
SecurityTrails logo

qfuhi.crystalcrafter.top Open in urlscan Pro
104.21.7.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.cpupk.com/
Effective URL: https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLq...
Submission: On May 15 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 11 HTTP transactions. The main IP is 104.21.7.3, located in and belongs to CLOUDFLARENET, US. The main domain is qfuhi.crystalcrafter.top.
TLS certificate: Issued by GTS CA 1P5 on April 29th 2023. Valid for: 3 months.
This is the only time qfuhi.crystalcrafter.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.157.56.139 55286 (SERVER-MANIA)
1 2 192.99.158.241 16276 (OVH)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 1 5.75.133.219 24940 (HETZNER-AS)
4 104.21.7.3 13335 (CLOUDFLAR...)
3 172.67.169.207 13335 (CLOUDFLAR...)
2 2404:6800:400... ()
11 6
1    192.157.56.139 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)
www.cpupk.com
2    192.99.158.241 (Canada)

ASN16276 (OVH, FR)
PTR: ip241.ip-192-99-158.net
dnavexch.com
2    52.117.247.211 (United States)

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com
p274639.myckdom.com
1    5.75.133.219 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.219.133.75.5.clients.your-server.de
qfuhi.superssp.top
4    104.21.7.3 (None, )

ASN13335 (CLOUDFLARENET, US)
qfuhi.crystalcrafter.top
3    172.67.169.207 (United States)

ASN13335 (CLOUDFLARENET, US)
js.streampsh.top
feed.streampsh.top
2    2404:6800:4004:826::2003 (None, )

ASN- ()
www.gstatic.com
Apex Domain
Subdomains		 Transfer
4 crystalcrafter.top
qfuhi.crystalcrafter.top
9 KB
3 streampsh.top
js.streampsh.top — Cisco Umbrella Rank: 191396
feed.streampsh.top
11 KB
2 gstatic.com
www.gstatic.com
18 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 54077
p274639.myckdom.com
1 KB
2 dnavexch.com
dnavexch.com — Cisco Umbrella Rank: 311666
8 KB
1 superssp.top
qfuhi.superssp.top
399 B
1 cpupk.com
www.cpupk.com
601 B
11 7
Domain Requested by
4 qfuhi.crystalcrafter.top p274639.myckdom.com
qfuhi.crystalcrafter.top
js.streampsh.top
2 www.gstatic.com js.streampsh.top
2 js.streampsh.top qfuhi.crystalcrafter.top
js.streampsh.top
2 dnavexch.com 1 redirects
1 feed.streampsh.top js.streampsh.top
1 qfuhi.superssp.top 1 redirects
1 p274639.myckdom.com
1 myckdom.com 1 redirects
1 www.cpupk.com 1 redirects
11 9

This site contains no links.

Subject Issuer Validity Valid
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-03-20		 a year crt.sh
crystalcrafter.top
GTS CA 1P5		 2023-04-29 -
2023-07-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-25 -
2024-03-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 1 frames:

Frame: https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
Frame ID: 06EF7DEC14E2804B202E21E3A03A3371
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Click Allow if you are not a robot

Page URL History Show full URLs

  1. http://www.cpupk.com/ HTTP 302
    http://dnavexch.com/click?data=X1R4MnhXaHM0eXdTWXZZQk1NcVdJcFEtanV3RGk3UVI5NHg5MHhIYldHcVF4OEJHe... Page URL
  2. http://dnavexch.com/Redirect/ HTTP 302
    https://myckdom.com/aS/feedclick?s=rI7t-hs_SLdQuI2cm2oBEK3dDnCBF-q5pjcTajzqm_QH0A88-gtuC6d73pnnD... HTTP 302
    https://p274639.myckdom.com/adServe/domainClick?ai=h433YIYF3f1y3Je_gC-RtBMqqgjr2siz5seknonaA9Yy-0abnAxmU... Page URL
  3. https://qfuhi.superssp.top/?pl=ZQMjGfJm-02gMGHF39AsQg&click_id=90335376079 HTTP 302
    https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&has... Page URL

Page Statistics

11
Requests

91 %
HTTPS

14 %
IPv6

7
Domains

9
Subdomains

6
IPs

4
Countries

44 kB
Transfer

119 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cpupk.com/ HTTP 302
    http://dnavexch.com/click?data=X1R4MnhXaHM0eXdTWXZZQk1NcVdJcFEtanV3RGk3UVI5NHg5MHhIYldHcVF4OEJHeGZxb0FqYkpPcURXaXhwdllpcWhhZVlIQmVQTzVrcWtoX21kZ3p6T1NtcGhFdEh3ODBQeWlMUVV2X0VjZ2NzeFhlUXZWVU1XVlhxWm91LVFMSDFsYWUyWHVuaFIwNTV1TFJPX3N3Mg2&id=d1f5495f-3398-4ea1-9921-ab1924d0b260 Page URL
  2. http://dnavexch.com/Redirect/ HTTP 302
    https://myckdom.com/aS/feedclick?s=rI7t-hs_SLdQuI2cm2oBEK3dDnCBF-q5pjcTajzqm_QH0A88-gtuC6d73pnnDH6ohvzYfNFjJsKn06qgcpL4cFiEu4ekA4JUtRsEpLfh4TlZy16QtuaoY6YZ_8dAZcE4MLekFlfWsTpfBjRhq2gpKGg8PTZc6AKBpy32d8UGrPdm-d_c2t-zREjbVZrUX9Qp4BZnxzEl0WwfjvnySh82HY9vVC-x799Jgv7WOLaCXnbbacWIVuLb1GmwU5tNXU25AYFQ-H0fCLRPJy-eogCbZWthicXvqvKzEwdBkjFHRaEb62pXX0zm67GBkv_eq6cPh3SIQWwF5BezQclxxf3Z6k7fDZrMlR2e-GHf40QBM8NwimcIn00oCX8SJiSjUjCQau7NAY0oIC1s3zxi1BXwmF8PDticYHIX7bMFAejFJMypF8O2LR0T__5pG7awYfV5Y4IAYIsKi48CiyZFabxz8PiKYZQHfK5qY2B8Kwelnhn6OX2TnhoW8lMzMr9v1VMyb9xigEx0NM5k4ELy68kNP438AvisB_9EKBqF3E_BbHuuOiihufXHzPlGGcNC3JwN2V3qca5tcP-4IbYr6vZzcgs72xXYChNcTBSMURzP3giJusJlg7VDSzjlRmH4hunHnnqifKRfCIZ8DHgJkWBzso3XGr1qCrlPvcfeLtgsa-vC3VPPDI62IDvJgTeyCpf-T1b--pbJ5jyYZFZdSPvuJYRgp6ni03iiw0Mql0u-LTypehWhWCZ_pi5k3cIczSFFtvYHDG0Td3-n738zUbZ2NnFlgOm88fb_KpPRE0jAb4foDXh8ugGEASSxYhnm0VW4Hr6gD6V6Z2DG0QmXQG3xHDM_rqNcjAHQdIe-suJ9TtrcijiDwh1FgBQKY7rZshoMX749esopXqa-WrmifJNTQUYqdxw-0o3_EpEKLaj2B__LjGLCDSDCYM2fKfwaGhgfX90oJv4oQ_lpgczDyCtfJbBXXss5clDt0aZPh21hvncYy0oUs-Rcn81PwSEYU8WV34JAfBacjSlzZtAZgBar3eRq_BaFDIl3SBTBcOtVeYHtAvTyaT74C9L5wamyz0M7MOnWRsIeGY0iDDKO_aehqFa8nZjrBIX2aAI-f4xSA-UXKZLbNLOQfuHxHeN3pBA4Q3nT_QKqKKqNYYQtFYp1NAynBjEHJ3qXDwuYtOJY7sSAo2bkdRj8ZQmYTZyx7mnYiyblxuJlsFYT1fcBhCwKkASfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYgJcbCgfywccgzFgxHCKxLJbhQpVcshSAOragiVpSF7j4l4po_srV7CCYXHFyN-XaNaNGUFq_Mhn055gZV-wDaTkMP3hWs3XJCX_UeMrTqQbwu7hkyFqwyBNbG1rwzn-JtsRGu_kGvwfwWhtc9OegwAFy33LF99FEnj1VL0ZdCMbrBKxd_wtz3TODHbAN7OfSJ-UQw9l7A3IPqBHSEl_iRupyKoQ_SsUm6te1VWtwz0kfbYX5lY7REQOwEr_7Nwt2STwV0HUhLIdwTPjN6LXU9Gj7E6Fkq-2Ma9y197tpZaBHoavf051Q4OuYgmmnThN2EHmwSpXxeefhJpon6HXl6XCMobuaDTI42zPbq73KOelKOMutq5w3SS3ELbSCSE2wqiOaXYf1hpL3CA8kV5-Jf2Q1HX6IyJ3aVDLlKudiBfmmZO1g39iKenpBpKPHqFei6NKGgpUYstULQGqz_0RghHJ4VumYFEnVfNTSfZrpWsu2b8Ouc3A2Xe5fSfzHG8ZcQWH5A5qIGPLsYjFXZ7VyMb HTTP 302
    https://p274639.myckdom.com/adServe/domainClick?ai=h433YIYF3f1y3Je_gC-RtBMqqgjr2siz5seknonaA9Yy-0abnAxmUwDqc9eJ7xLYC69XFPPtNwEIo-1nEVX29E45QD317tzoK1cP7OnJPV6ki2m_UYRsLvwQiVps8LOBcavFvFofXEQCY4zwcSwh3sMfqUB_rxU5ru2cU9dBUbpq0ApYF0desEjhnCh4Af-BbMqN2sGSXf3VIusUrzHUVJJLlkfUtqmt8aFvAXkavaAuhnMbvIa6-4CjZuR1GPxlCZhNnLHuadiLJuXG4mWwVgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UjQ9mH6USLMQjeRAqbTvnp2oxh1ScPLNqq0GqzgwerNU3ZpGUKqgW1M1NJ9mulay7ZOUcdqYrVAcPAe_L4WAxrcur1MupdU30BRz60kPhoh5jUQnySV7N2Gtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=rI7t-hs_SLdQuI2cm2oBEFY37AsT2AewM3i0obK61D8fv__JK_3cZnOm535V8jajPntp7_DGUh4liA_uMl1K2vZltrGJ03-bvd7_U-dyW3-pfjVdVexoxQ&si=1&oref=c405ae8861cb6856bde2e7661997c1c6&optunit=aahmQu40Hxd50olA1eYhgw&rb=2Vb288azLYM&rr=0&abtg=0 Page URL
  3. https://qfuhi.superssp.top/?pl=ZQMjGfJm-02gMGHF39AsQg&click_id=90335376079 HTTP 302
    https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.cpupk.com/ HTTP 302
  • http://dnavexch.com/click?data=X1R4MnhXaHM0eXdTWXZZQk1NcVdJcFEtanV3RGk3UVI5NHg5MHhIYldHcVF4OEJHeGZxb0FqYkpPcURXaXhwdllpcWhhZVlIQmVQTzVrcWtoX21kZ3p6T1NtcGhFdEh3ODBQeWlMUVV2X0VjZ2NzeFhlUXZWVU1XVlhxWm91LVFMSDFsYWUyWHVuaFIwNTV1TFJPX3N3Mg2&id=d1f5495f-3398-4ea1-9921-ab1924d0b260
Request Chain 1
  • http://dnavexch.com/Redirect/ HTTP 302
  • https://myckdom.com/aS/feedclick?s=rI7t-hs_SLdQuI2cm2oBEK3dDnCBF-q5pjcTajzqm_QH0A88-gtuC6d73pnnDH6ohvzYfNFjJsKn06qgcpL4cFiEu4ekA4JUtRsEpLfh4TlZy16QtuaoY6YZ_8dAZcE4MLekFlfWsTpfBjRhq2gpKGg8PTZc6AKBpy32d8UGrPdm-d_c2t-zREjbVZrUX9Qp4BZnxzEl0WwfjvnySh82HY9vVC-x799Jgv7WOLaCXnbbacWIVuLb1GmwU5tNXU25AYFQ-H0fCLRPJy-eogCbZWthicXvqvKzEwdBkjFHRaEb62pXX0zm67GBkv_eq6cPh3SIQWwF5BezQclxxf3Z6k7fDZrMlR2e-GHf40QBM8NwimcIn00oCX8SJiSjUjCQau7NAY0oIC1s3zxi1BXwmF8PDticYHIX7bMFAejFJMypF8O2LR0T__5pG7awYfV5Y4IAYIsKi48CiyZFabxz8PiKYZQHfK5qY2B8Kwelnhn6OX2TnhoW8lMzMr9v1VMyb9xigEx0NM5k4ELy68kNP438AvisB_9EKBqF3E_BbHuuOiihufXHzPlGGcNC3JwN2V3qca5tcP-4IbYr6vZzcgs72xXYChNcTBSMURzP3giJusJlg7VDSzjlRmH4hunHnnqifKRfCIZ8DHgJkWBzso3XGr1qCrlPvcfeLtgsa-vC3VPPDI62IDvJgTeyCpf-T1b--pbJ5jyYZFZdSPvuJYRgp6ni03iiw0Mql0u-LTypehWhWCZ_pi5k3cIczSFFtvYHDG0Td3-n738zUbZ2NnFlgOm88fb_KpPRE0jAb4foDXh8ugGEASSxYhnm0VW4Hr6gD6V6Z2DG0QmXQG3xHDM_rqNcjAHQdIe-suJ9TtrcijiDwh1FgBQKY7rZshoMX749esopXqa-WrmifJNTQUYqdxw-0o3_EpEKLaj2B__LjGLCDSDCYM2fKfwaGhgfX90oJv4oQ_lpgczDyCtfJbBXXss5clDt0aZPh21hvncYy0oUs-Rcn81PwSEYU8WV34JAfBacjSlzZtAZgBar3eRq_BaFDIl3SBTBcOtVeYHtAvTyaT74C9L5wamyz0M7MOnWRsIeGY0iDDKO_aehqFa8nZjrBIX2aAI-f4xSA-UXKZLbNLOQfuHxHeN3pBA4Q3nT_QKqKKqNYYQtFYp1NAynBjEHJ3qXDwuYtOJY7sSAo2bkdRj8ZQmYTZyx7mnYiyblxuJlsFYT1fcBhCwKkASfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYgJcbCgfywccgzFgxHCKxLJbhQpVcshSAOragiVpSF7j4l4po_srV7CCYXHFyN-XaNaNGUFq_Mhn055gZV-wDaTkMP3hWs3XJCX_UeMrTqQbwu7hkyFqwyBNbG1rwzn-JtsRGu_kGvwfwWhtc9OegwAFy33LF99FEnj1VL0ZdCMbrBKxd_wtz3TODHbAN7OfSJ-UQw9l7A3IPqBHSEl_iRupyKoQ_SsUm6te1VWtwz0kfbYX5lY7REQOwEr_7Nwt2STwV0HUhLIdwTPjN6LXU9Gj7E6Fkq-2Ma9y197tpZaBHoavf051Q4OuYgmmnThN2EHmwSpXxeefhJpon6HXl6XCMobuaDTI42zPbq73KOelKOMutq5w3SS3ELbSCSE2wqiOaXYf1hpL3CA8kV5-Jf2Q1HX6IyJ3aVDLlKudiBfmmZO1g39iKenpBpKPHqFei6NKGgpUYstULQGqz_0RghHJ4VumYFEnVfNTSfZrpWsu2b8Ouc3A2Xe5fSfzHG8ZcQWH5A5qIGPLsYjFXZ7VyMb HTTP 302
  • https://p274639.myckdom.com/adServe/domainClick?ai=h433YIYF3f1y3Je_gC-RtBMqqgjr2siz5seknonaA9Yy-0abnAxmUwDqc9eJ7xLYC69XFPPtNwEIo-1nEVX29E45QD317tzoK1cP7OnJPV6ki2m_UYRsLvwQiVps8LOBcavFvFofXEQCY4zwcSwh3sMfqUB_rxU5ru2cU9dBUbpq0ApYF0desEjhnCh4Af-BbMqN2sGSXf3VIusUrzHUVJJLlkfUtqmt8aFvAXkavaAuhnMbvIa6-4CjZuR1GPxlCZhNnLHuadiLJuXG4mWwVgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UjQ9mH6USLMQjeRAqbTvnp2oxh1ScPLNqq0GqzgwerNU3ZpGUKqgW1M1NJ9mulay7ZOUcdqYrVAcPAe_L4WAxrcur1MupdU30BRz60kPhoh5jUQnySV7N2Gtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=rI7t-hs_SLdQuI2cm2oBEFY37AsT2AewM3i0obK61D8fv__JK_3cZnOm535V8jajPntp7_DGUh4liA_uMl1K2vZltrGJ03-bvd7_U-dyW3-pfjVdVexoxQ&si=1&oref=c405ae8861cb6856bde2e7661997c1c6&optunit=aahmQu40Hxd50olA1eYhgw&rb=2Vb288azLYM&rr=0&abtg=0

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
click
dnavexch.com/
Redirect Chain
  • http://www.cpupk.com/
  • http://dnavexch.com/click?data=X1R4MnhXaHM0eXdTWXZZQk1NcVdJcFEtanV3RGk3UVI5NHg5MHhIYldHcVF4OEJHeGZxb0FqYkpPcURXaXhwdllpcWhhZVlIQmVQTzVrcWtoX21kZ3p6T1NtcGhFdEh3ODBQeWlMUVV2X0VjZ2NzeFhlUXZWVU1XVlhxWm...
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dnavexch.com/click?data=X1R4MnhXaHM0eXdTWXZZQk1NcVdJcFEtanV3RGk3UVI5NHg5MHhIYldHcVF4OEJHeGZxb0FqYkpPcURXaXhwdllpcWhhZVlIQmVQTzVrcWtoX21kZ3p6T1NtcGhFdEh3ODBQeWlMUVV2X0VjZ2NzeFhlUXZWVU1XVlhxWm91LVFMSDFsYWUyWHVuaFIwNTV1TFJPX3N3Mg2&id=d1f5495f-3398-4ea1-9921-ab1924d0b260
Protocol
HTTP/1.1
Server
192.99.158.241 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-192-99-158.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0399a9fc17f3c856eef4ee567e1f0c541673fee85d026bde59013d487468f1b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
5412
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 09:37:22 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Mon, 15 May 2023 09:37:34 GMT
location
http://dnavexch.com/click?data=X1R4MnhXaHM0eXdTWXZZQk1NcVdJcFEtanV3RGk3UVI5NHg5MHhIYldHcVF4OEJHeGZxb0FqYkpPcURXaXhwdllpcWhhZVlIQmVQTzVrcWtoX21kZ3p6T1NtcGhFdEh3ODBQeWlMUVV2X0VjZ2NzeFhlUXZWVU1XVlhxWm91LVFMSDFsYWUyWHVuaFIwNTV1TFJPX3N3Mg2&id=d1f5495f-3398-4ea1-9921-ab1924d0b260
server
nginx
domainClick
p274639.myckdom.com/adServe/
Redirect Chain
  • http://dnavexch.com/Redirect/
  • https://myckdom.com/aS/feedclick?s=rI7t-hs_SLdQuI2cm2oBEK3dDnCBF-q5pjcTajzqm_QH0A88-gtuC6d73pnnDH6ohvzYfNFjJsKn06qgcpL4cFiEu4ekA4JUtRsEpLfh4TlZy16QtuaoY6YZ_8dAZcE4MLekFlfWsTpfBjRhq2gpKGg8PTZc6AKBpy...
  • https://p274639.myckdom.com/adServe/domainClick?ai=h433YIYF3f1y3Je_gC-RtBMqqgjr2siz5seknonaA9Yy-0abnAxmUwDqc9eJ7xLYC69XFPPtNwEIo-1nEVX29E45QD317tzoK1cP7OnJPV6ki2m_UYRsLvwQiVps8LOBcavFvFofXEQCY4zwcS...
269 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p274639.myckdom.com/adServe/domainClick?ai=h433YIYF3f1y3Je_gC-RtBMqqgjr2siz5seknonaA9Yy-0abnAxmUwDqc9eJ7xLYC69XFPPtNwEIo-1nEVX29E45QD317tzoK1cP7OnJPV6ki2m_UYRsLvwQiVps8LOBcavFvFofXEQCY4zwcSwh3sMfqUB_rxU5ru2cU9dBUbpq0ApYF0desEjhnCh4Af-BbMqN2sGSXf3VIusUrzHUVJJLlkfUtqmt8aFvAXkavaAuhnMbvIa6-4CjZuR1GPxlCZhNnLHuadiLJuXG4mWwVgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UjQ9mH6USLMQjeRAqbTvnp2oxh1ScPLNqq0GqzgwerNU3ZpGUKqgW1M1NJ9mulay7ZOUcdqYrVAcPAe_L4WAxrcur1MupdU30BRz60kPhoh5jUQnySV7N2Gtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=rI7t-hs_SLdQuI2cm2oBEFY37AsT2AewM3i0obK61D8fv__JK_3cZnOm535V8jajPntp7_DGUh4liA_uMl1K2vZltrGJ03-bvd7_U-dyW3-pfjVdVexoxQ&si=1&oref=c405ae8861cb6856bde2e7661997c1c6&optunit=aahmQu40Hxd50olA1eYhgw&rb=2Vb288azLYM&rr=0&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://dnavexch.com
Referer
http://dnavexch.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 15 May 2023 09:37:36 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 15 May 2023 09:37:36 GMT
location
https://p274639.myckdom.com/adServe/domainClick?ai=h433YIYF3f1y3Je_gC-RtBMqqgjr2siz5seknonaA9Yy-0abnAxmUwDqc9eJ7xLYC69XFPPtNwEIo-1nEVX29E45QD317tzoK1cP7OnJPV6ki2m_UYRsLvwQiVps8LOBcavFvFofXEQCY4zwcSwh3sMfqUB_rxU5ru2cU9dBUbpq0ApYF0desEjhnCh4Af-BbMqN2sGSXf3VIusUrzHUVJJLlkfUtqmt8aFvAXkavaAuhnMbvIa6-4CjZuR1GPxlCZhNnLHuadiLJuXG4mWwVgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UjQ9mH6USLMQjeRAqbTvnp2oxh1ScPLNqq0GqzgwerNU3ZpGUKqgW1M1NJ9mulay7ZOUcdqYrVAcPAe_L4WAxrcur1MupdU30BRz60kPhoh5jUQnySV7N2Gtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=rI7t-hs_SLdQuI2cm2oBEFY37AsT2AewM3i0obK61D8fv__JK_3cZnOm535V8jajPntp7_DGUh4liA_uMl1K2vZltrGJ03-bvd7_U-dyW3-pfjVdVexoxQ&si=1&oref=c405ae8861cb6856bde2e7661997c1c6&optunit=aahmQu40Hxd50olA1eYhgw&rb=2Vb288azLYM&rr=0&abtg=0
server
nginx
Primary Request /
qfuhi.crystalcrafter.top/blue-robot/
Redirect Chain
  • https://qfuhi.superssp.top/?pl=ZQMjGfJm-02gMGHF39AsQg&click_id=90335376079
  • https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
Requested by
Host: p274639.myckdom.com
URL: https://p274639.myckdom.com/adServe/domainClick?ai=h433YIYF3f1y3Je_gC-RtBMqqgjr2siz5seknonaA9Yy-0abnAxmUwDqc9eJ7xLYC69XFPPtNwEIo-1nEVX29E45QD317tzoK1cP7OnJPV6ki2m_UYRsLvwQiVps8LOBcavFvFofXEQCY4zwcSwh3sMfqUB_rxU5ru2cU9dBUbpq0ApYF0desEjhnCh4Af-BbMqN2sGSXf3VIusUrzHUVJJLlkfUtqmt8aFvAXkavaAuhnMbvIa6-4CjZuR1GPxlCZhNnLHuadiLJuXG4mWwVgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UjQ9mH6USLMQjeRAqbTvnp2oxh1ScPLNqq0GqzgwerNU3ZpGUKqgW1M1NJ9mulay7ZOUcdqYrVAcPAe_L4WAxrcur1MupdU30BRz60kPhoh5jUQnySV7N2Gtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=rI7t-hs_SLdQuI2cm2oBEFY37AsT2AewM3i0obK61D8fv__JK_3cZnOm535V8jajPntp7_DGUh4liA_uMl1K2vZltrGJ03-bvd7_U-dyW3-pfjVdVexoxQ&si=1&oref=c405ae8861cb6856bde2e7661997c1c6&optunit=aahmQu40Hxd50olA1eYhgw&rb=2Vb288azLYM&rr=0&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.7.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3be0de495705c24db785abb16f502ddb8088b9c571d1a0c8aee8891cc3ee3c

Request headers

Referer
https://p274639.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c7a6743fc4b8a9c-NRT
content-encoding
br
content-type
text/html
date
Mon, 15 May 2023 09:37:38 GMT
last-modified
Mon, 01 May 2023 15:50:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ETcZPyI6wIjasjMDhRFD579By3uZw3tN83UUYRBCBJkHXVk35TgJ9nAHF0klR3Fgof%2Fhz70fKTtoo3TLf2FSX%2FX%2BIobcpKIBwszE15ZIsPWA6OYXWp196A6brbolnboVt1hxrM25DfxGyU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 May 2023 09:37:37 GMT
location
https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
server
nginx
trls.js
qfuhi.crystalcrafter.top/blue-robot/assets/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qfuhi.crystalcrafter.top/blue-robot/assets/trls.js
Requested by
Host: qfuhi.crystalcrafter.top
URL: https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.7.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0b0f46a0c12f49cc290e1b3d62a890e8da3434dc80720e3c5a20bec0ab43e1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:37:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 18 Apr 2023 07:09:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643e420e-1fa7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAqovCAxKQkSpr%2FXPxN7eA%2Fuu2r%2BmPfpYIwhY1Rwc5rY7FXgjtwefJ%2BCF6GWdS1%2BPH5LE2IZSDObFfNX%2FD09QC9y%2FOgdiQ%2FSh6r24M3A5r8IkzKjzxs0L7RMX%2FvkqjyavJYE8Lj4qIlz5aI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c7a67474eee8a9c-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
qfuhi.crystalcrafter.top/blue-robot/assets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qfuhi.crystalcrafter.top/blue-robot/assets/style.css
Requested by
Host: qfuhi.crystalcrafter.top
URL: https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.7.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4bd4aed7f8c1fe11b9a39c4e70da33ccf8df29109e23f1ec10f6d07220bcd9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:37:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 18 Apr 2023 07:09:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643e420e-f8e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8wthHwTtA7tctlUyf8x%2BaBVOyZi%2F8DOdT96NDWXsUEpcjtsusfMD5gl8pSdVL7uAkoW0sNGUEbLj5GWLMGDYe9V0EZXfPu5lu1zc6uhSWn2nwS80XP2NnmuzNUfmFn7X6Vtp5zYaecop6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7c7a67474ef18a9c-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pl.js
js.streampsh.top/ps/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
Requested by
Host: qfuhi.crystalcrafter.top
URL: https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.169.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa5200ce8a6b9c60f852ae45a468b47860a65f0b53e2824ef63c71db9157cef2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qfuhi.crystalcrafter.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:37:38 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FV4yFjirJ2oZP6xbRmOZ%2Fvw65jZuQ09LYgvLzykO590JuiaLp04%2FrSKQ6vZPvlNEHvnQAPn3uHxdzVxlHJb6Dbyn4zge8dUP%2Fs61PAMmTa5rQiCXvTTbOQtJUD3C2hI%2B9qd2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
7c7a67476bf3e01d-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		748 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
ps.js
js.streampsh.top/ps/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&sub_id=&appspot=
Requested by
Host: js.streampsh.top
URL: https://js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.169.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9901fe325a7fd28c195b830562fc159a67701315577422f430b69c609380c12

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qfuhi.crystalcrafter.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:37:39 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgxJL2xv0HCFrJjjIKCRXP9%2FpEp013NuGChZXNhkmIx0OUWXKnu03mNKLDt9m2PxcjZ5AA%2BV%2FzuLNgyaKOoYnQklaQVZIQBmCiU6Aun%2FvGl67hDcZqdUZVLTxl7yVE5Qpuem"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
7c7a674a7ee6e01d-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
config.js
feed.streampsh.top/ps/ 		354 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://feed.streampsh.top/ps/config.js?id=ZQMjGfJm-02gMGHF39AsQg
Requested by
Host: js.streampsh.top
URL: https://js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&sub_id=&appspot=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.169.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ab43d2c92eea10c3f21f346f4a137987f99da1efd496ddd3f132d166244e3d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qfuhi.crystalcrafter.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:37:40 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ke3vOETyeVYYVx5EDkJ7TPFHm7brR3tYrHKOIFKGftJdIs6f%2B0GRlaxcxQ0XiSmTDiJbE4%2FhaIsIHYCn4vPIQimttXhuPR3pGmULHSzeqKscfxL%2BREhMEZlqjXWrhjEi0tuaXrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
7c7a674f3b9fe01d-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
firebase-app.js
www.gstatic.com/firebasejs/8.4.1/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js
Requested by
Host: js.streampsh.top
URL: https://js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&sub_id=&appspot=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qfuhi.crystalcrafter.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 06:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6763
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 06:56:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 May 2024 06:20:55 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.4.1/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
Requested by
Host: js.streampsh.top
URL: https://js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&sub_id=&appspot=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qfuhi.crystalcrafter.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 07:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10908
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 06:56:17 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 May 2024 07:34:31 GMT
/
qfuhi.crystalcrafter.top/blue-robot/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
Requested by
Host: js.streampsh.top
URL: https://js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&sub_id=&appspot=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://qfuhi.crystalcrafter.top/blue-robot/?pl=ZQMjGfJm-02gMGHF39AsQg&sm=blue-robot&click_id=90335376079&hash=NbVmyjhjbVUSBWCnLqHQ8A&exp=1684143757
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c7a67535cdef903-NRT
content-encoding
br
content-type
text/html
date
Mon, 15 May 2023 09:37:40 GMT
last-modified
Mon, 01 May 2023 15:50:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VJ%2Fg%2B6HC%2BY4w7vtJoNhmLGsO7ElmT5anUsPXwKc5wgK5H076Fx1J3csDyvWGO9i1wU6HIGNmuL6ef5I3Ut3%2Fx5w8zy8tHmwoFdQsokQscpHbzoqLat4q20uIwBMooPD0F1acYgM5k0ed9o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| translation object| rtlLangs string| browserLang string| siteLang number| extTpl function| detect_language function| replace_text function| translation_available function| translate function| getParameterByName function| docReady object| a2_0xda2e function| a2_0x5b5c

7 Cookies

Domain/Path Name / Value
.cpupk.com/ Name: sid
Value: 1f1e4afa-f304-11ed-aa7b-01c06138e9b0
dnavexch.com/ Name: poAZePeQoSxLKqR
Value: poAZePeQoSxLKqR
.myckdom.com/ Name: rhid
Value: 83240587925
.myckdom.com/ Name: loi
Value: ad_1507539_off_950277_aff_92009_cid_274639-577663052-CPUPK.COM_ts_1684143456
qfuhi.superssp.top/ Name: ZQMjGfJm-02gMGHF39AsQg
Value: 3
qfuhi.superssp.top/ Name: __pl
Value: 4ebd6a9e-4752-4e88-b79f-9bef2d408940
qfuhi.superssp.top/ Name: __cap
Value: 1