9xbuddy.org Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://9xbuddy.com/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
Effective URL:
https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
Submission: On April 14 via api (April 14th 2022, 8:47:36 am UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is 9xbuddy.org. The Cisco Umbrella rank of the primary domain is 731277.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time 9xbuddy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3038::6815:eb51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.109.82.179 23.109.82.179	7979 (SERVERS-COM) (SERVERS-COM)
21	3

1 2606:4700:3038::6815:eb51 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

9xbuddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

9xbuddy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ab.9xbud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.109.82.179 (Netherlands)

ASN7979 (SERVERS-COM, US)

baffledzein.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	9xbuddy.org 9xbuddy.org — Cisco Umbrella Rank: 731277	160 KB
4	9xbud.com ab.9xbud.com — Cisco Umbrella Rank: 721668	3 KB
3	baffledzein.com baffledzein.com	2 KB
1	9xbuddy.com 1 redirects 9xbuddy.com	636 B
21	4

	Domain	Requested by
13	9xbuddy.org	9xbuddy.org
4	ab.9xbud.com	9xbuddy.org
3	baffledzein.com	9xbuddy.org
1	9xbuddy.com	1 redirects
21	4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
vk.com
9xbud.com
pr48a97.9xbud.com
fvs.io
123sudo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
baffledzein.com R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
Frame ID: FF78C6AE659E5BCDCD2317AADF057727
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

4-6p2cz68kymwz5 Video

Page URL History Show full URLs

https://9xbuddy.com/process?url=https://lajkema.com/v/4-6p2cz68kymwz5 HTTP 301
https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5 Page URL

Page Statistics

21
Requests

95 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

165 kB
Transfer

490 kB
Size

3
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
Title: Share On Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2F9xbuddy.org%2Fprocess%3Furl%3Dhttps%3A%2F%2Flajkema.com%2Fv%2F4-6p2cz68kymwz5
Title: Tweet @ Twitter

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2F9xbuddy.org%2Fprocess%3Furl%3Dhttps%3A%2F%2Flajkema.com%2Fv%2F4-6p2cz68kymwz5
Title: Share On VK

Search URL Search Domain Scan URL

URL: https://9xbud.com/https://lajkema.com/v/4-6p2cz68kymwz5
Title: 9xbud.com/https://lajkema.com/v/4-6p2cz68kymwz5

Search URL Search Domain Scan URL

URL: https://pr48a97.9xbud.com/down/aHR0cHM6Ly9mdnMuaW8vcmVkaXJlY3Rvcj90b2tlbj1iREZsUkhkR05uSkhjbGQyWW1wUUszaHNOVUpCYkd4S2RXZFFPVVJwYTB4c1lUSnFTbVo0TW05Q2NFMUZlWEl6YzJjNWRWbGtiR1JZVkROdk0wd3hSVFpNVEhGalp6bFhVekpyUlZScE9FTkRhRFpqT1RaUVUxZExaWEZHY0c4MFIzSjBjVmhTUkdKamFVcElNREp4WVhsRWJISkpUWEZ1WnpCQ1JtbFNWWFJOVVVwNlRrcFZZbmh2YVZsamEzYzBkbFJLWlcxUVIwZDRlVGt5UW1KT05UbEJQVDA2YXpZMGJUbFJkelZ0Y20xNFdsWnBiV2xaVEhCT1FUMDlmWU9W/a07cef94e487eebc5561e5d259e3d2d0-1649940451?customName=4-6p2cz68kymwz5%20Video_480p
Title: Download Now

Search URL Search Domain Scan URL

URL: https://fvs.io/redirector?token=bDFlRHdGNnJHcld2YmpQK3hsNUJBbGxKdWdQOURpa0xsYTJqSmZ4Mm9CcE1FeXIzc2c5dVlkbGRYVDNvM0wxRTZMTHFjZzlXUzJrRVRpOENDaDZjOTZQU1dLZXFGcG80R3J0cVhSRGJjaUpIMDJxYXlEbHJJTXFuZzBCRmlSVXRNUUp6TkpVYnhvaVlja3c0dlRKZW1QR0d4eTkyQmJONTlBPT06azY0bTlRdzVtcm14WlZpbWlZTHBOQT09fYOV
Title: Download Now

Search URL Search Domain Scan URL

URL: https://pr48a97.9xbud.com/down/aHR0cHM6Ly9mdnMuaW8vcmVkaXJlY3Rvcj90b2tlbj1VWEZNYTJOa2JYQnlVMmd3TmtsTVFYQm9haklyV1dwNFluZFlPVmsyYWpReU9IWjNTVzVKUWtwRU9VMW1iMDVQVm14VVFUaFNPRk5tTjJOV2MxTlpVRVpzU0ROM00wSnJhbkUwZUZkM1ZUZGtlRTVSYmtJMWVsbGxUVEoxVVdKbmFqVkVjV1pEZW5NMWF6TlVTbG93UTFvM01FcEZja2x5U0VZNVdIcHphMGh0YTJKamFYUk5hbnB5WWxncllUWTJUeXRXWWtKdk1FeG5jVGxhUjFOUVowcDNQVDA2Um04dlUxbExXVkpOY1VacFpYTTNaVFZ4VGt0MlVUMDlzY1hR/7b9a74044c66c4bfa0870226dddac269-1649940451?customName=4-6p2cz68kymwz5%20Video_720p
Title: Download Now

Search URL Search Domain Scan URL

URL: https://fvs.io/redirector?token=UXFMa2NkbXByU2gwNklMQXBoajIrWWp4YndYOVk2ajQyOHZ3SW5JQkpEOU1mb05PVmxUQThSOFNmN2NWc1NZUEZsSDN3M0JranE0eFd3VTdkeE5RbkI1elllTTJ1UWJnajVEcWZDenM1azNUSlowQ1o3MEpFcklySEY5WHpza0hta2JjaXRNanpyYlgrYTY2TytWYkJvMExncTlaR1NQZ0p3PT06Rm8vU1lLWVJNcUZpZXM3ZTVxTkt2UT09scXQ
Title: Download Now

Search URL Search Domain Scan URL

URL: https://123sudo.com/
Title: 123sudo

Search URL Search Domain Scan URL

URL: https://123sudo.com/page/terms?app=9xbuddy
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://123sudo.com/page/privacy?app=9xbuddy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://9xbuddy.com/process?url=https://lajkema.com/v/4-6p2cz68kymwz5 HTTP 301
https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request process Show response
9xbuddy.org/
Redirect Chain

https://9xbuddy.com/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

18 KB
6 KB

294ms
75ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17 123sudo

Resource Hash

faad4998d2ccf2375cdf14a2ffa2b8360a658562fbf030fdf3e1080c292cb61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fbb2d550c4a9b2d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:47:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRuHhtmcofPR3hwBrcSRcxtZeJvwbCCOgraXtbQRzr2QaVjb7hbvQK%2BtjDSzrh5n0%2BCxPla7zgJQpRGtvrxwv7NGOX%2FY4EeSuY5xHuYJf5gZ9yIqN7ZnBY17FA0UXX4l5XKQCST5DyaQ%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: PHP/8.0.17 123sudo

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 6fbb2d538fdc68f5-FRA
date: Thu, 14 Apr 2022 08:47:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 14 Apr 2022 09:47:29 GMT
location: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21DbM9onXJV3EwxdNYdxpMRwm%2Fx%2BOc8v6gE1g7cTd7618EyY%2BmwDkpOVVK2gG9TFcfUnrkKILEWK%2FzncW9bsPbmfVSoVG7Y669qC2MvKbhTGwxN%2F8nkfY37kCCyZmYX7XpaOi0pfRCznWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 main.efb9bf4cc96b05d12702.css
9xbuddy.org/build/ 26 KB
6 KB 29ms
27ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.css

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

71b2c97435ca2c3ffa3bd24ecda0bd562b36273811f7e0bb86073892b35375f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5319
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-6918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ2ZDi2XGENki44o1KTVs26GX3YvWEVXHtpCcZtC3G9Osgu0ZhsSsdoTxQHJ6TLntNSEmOnhhc3sAwC0U8sVEy03Mlf0PWNCEDuTkOLymiMUfLm32HbTNNZ5TnRNWvA076GT1x6LFZdA%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6fbb2d55ad629b2d-FRA

GET
H2 200 invisible.js Show response
9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/ 53 KB
18 KB 34ms
33ms Script
text/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1649923200

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b9a257d00ffb347a30530e9e3950fdb5da3544a987eacd26f5b158dfc471257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4j1enjYWkRcH82rRLNcsYngFnIT7HgAOb%2BElWHlf1aLLJ1bJikfeGJjQOOmBy8kMOFC7eO%2Ba6dRXC%2BwOv8dhlkIgMErej72wrI89PiEWjLBBJl6XpbH97H7S1ZcrzvUU%2BorECIsQTNpyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6fbb2d55ad669b2d-FRA
vary: Accept-Encoding

GET
H2 200 291f13891176f90733ca.png
9xbuddy.org/build/ 2 KB
3 KB 33ms
32ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9xbuddy.org/build/291f13891176f90733ca.png

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

55340830b75351b2ad4154871c488f34c0b66c8cef18719f3f7a8f9dc190cd58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5319
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2501
last-modified: Fri, 03 Sep 2021 10:11:23 GMT
server: cloudflare
x-frame-options: DENY
etag: "6131f4cb-9c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaOt%2BGpWA2qz9rY7RE2aBhM1rCxc3d011uOMngM9ep0g1IJawrxkN8hDyf9yoNx0QrvLggcDm5z6ic9oyj1uUQzvWSKRHE1MF%2B0noXyo5OZVflvBKleY1w4J%2BylzzjHt5cpACZOTlmKVTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fbb2d55ad709b2d-FRA

GET
H2 200 main.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 278 KB
88 KB 43ms
42ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

08d2242bfac729cedb2ed14f2a8f8fb89b459b80a1c89fba7e81b02e4fff5836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4661
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-45704"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnUOh2B3qgRXoBiycjMjYCvI6ARALE%2BU0JPfCHkgr17WRbLrgmtX%2F5c%2FGi%2B2tZuQLGjDjpfHLSEWGHxBUyLh0ic%2F3fQYsyeCs6ID5FjA6%2FQ4J%2FSZhFiMCc3UqnnDHroHfqweeI4Ja5sGVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb2d55ad6d9b2d-FRA

GET sw.js
9xbuddy.org/ 0
0

GET
H3 200 302.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 8 KB
3 KB 26ms
26ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/302.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

847c9761fed7a63dce5a4eaf6de4f89fc40577c70b9365db184b5ea0452d7f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4133
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-1e67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIncB30KrcoVTAmfgR4NMxyLH53AhIWNSDglB%2BLoiBaFFJicFA8XKncRyN6TIq671B%2FHx58hzt933GjQVa1Cg8l45OC4iMFdFfeGAu4cJenkF3DAdM%2BXJsioJu3AAWDHWAYlDPl2HmJgtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb2d562e8f8fe2-FRA

GET
H3 200 pica.js
9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/ 22 KB
8 KB 31ms
31ms Other
text/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eaaeccf42313180c4200961ed9eb27e567ec9b02b96645e61742e0314d4068b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oeRgH8ssQT3arFL215hepeCqzt6YNKz%2B04LfEs%2BMOXy9LKlpRaGtAQaHKoiBN4CXM64Z8WedhsszpnDtaxu0%2F3jf%2FX5afN1%2FOEirVFuEiMEdKX%2BlDVkyq0vsUC3GiV5wGxLuxg43t7BgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6fbb2d563e9d8fe2-FRA
vary: Accept-Encoding

GET
H3 200 669.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 13 KB
6 KB 27ms
27ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/669.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

db51a3ea831647cbd6448a4332af512492ddc9f9e6f76aece263125bf17946fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6760
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-35e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJbEtWwTR8pkRDYTJjJmY4Zf4Ic5idQuMuuMWGgd0%2BBKEIsB%2BLhB3IG94jttYnaTDQyBBn1N2bDODQxUQLzYhrrurTEhbfZ%2FUqk4BfrV%2FlfJ9%2BSYm3WXTSAaZwnWsbRCS%2FCxOSXOCKD1Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb2d568f108fe2-FRA

GET
H3 200 189.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 3 KB
2 KB 45ms
44ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/189.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

7bb82a598836ba91c6628904821d3a96ded2d87a4814eb8b4b8d33c2a603af30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6760
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-d3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIP9LpxBto7pKUc2D6Y7EgZlgjpr1STOLhJA7ay3K%2BjrSTxdfGPF8kuZpWmW5XqTckiCs9NJETlAv8WKAUHfOPePuw8XZjGIctdoSjAS05zRWla7ej2ITLTyIsC2xv5BSK%2FwisPnXgibsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb2d568f138fe2-FRA

GET
H3 200 70.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 22 KB
8 KB 45ms
44ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/70.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

8cfc77c8937257dd40ad59ae890c359ffe8e07d781a013d1b3b42ada5d9aced0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7040
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-58a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B6xdqZOvyfEkmChB5h7WKyOF3NR4egPo3oqSjjSy6jrQf%2B1WSlO7fTI8588r9sEWJO3taUSW4vI%2B1Swor3qDRhDgPlXD%2FDnHDjwE2%2FMxLIMtSeyECpthHoTi2jq1XsENJ102%2F39LO%2FC6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb2d568f158fe2-FRA

GET
H3 200 389.efb9bf4cc96b05d12702.js Show response
9xbuddy.org/build/ 37 KB
9 KB 28ms
28ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/build/389.efb9bf4cc96b05d12702.js

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/main.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

4f08f1bdc71549529316a382b2ba6527473d65d34d3f4f586849b695dae5af87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6760
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 05:44:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62396239-9520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBCPPpUMY%2BhuK0l%2F3T8I2up00okWsHkBpUwa17hxCnvrEwkrtdS7bnoxrPPLz9KNTGjkQud9jxkgnHqjIwWY9HylSC78N%2Bbczq0oaamq46LJv5OgYvpuXvP6RlrhbQ%2FjupK1%2FWtbEL2EZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6fbb2d568f168fe2-FRA

POST
H2 200 token Show response
ab.9xbud.com/ 219 B
501 B 342ms
41ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ab.9xbud.com/token

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/669.efb9bf4cc96b05d12702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17, 123sudo

Resource Hash

41670ef2c492b815f77ed4d079de7b882f8902d6e2433cd714a53c21168314ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://9xbuddy.org/
x-auth-token: nqqSrJaV3WOf1J1rk5pml8Zuksiba5OaZpfGbpLIm2WPyoLglrKw4LqFf4mEisOCcbZ7scXYmMrbZtia
X-Requested-With: xmlhttprequest
x-access-token: false
x-requested-domain: 9xbuddy.org

Response headers

date: Thu, 14 Apr 2022 08:47:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.17, 123sudo
access-control-allow-methods: POST
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1RM51eEhTKVL2c34S%2Fa6iPUlsnJobm5S5kUWoOEHtxIwETk%2BzwuCTMfZg2jEbWHqNPKdSaaQyMo73zU9mFUq05BAdsyZIhm%2F%2BPLMBFHy8UgmBC%2FUmFXsWRT2NDZ3Bpm%2FCyHelgc5Hz6nhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://9xbuddy.org
access-control-allow-credentials: true
cf-ray: 6fbb2d5a1bc7904c-FRA
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token

OPTIONS
H2 200 token
ab.9xbud.com/ 0
0 115ms
60ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ab.9xbud.com/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17 123sudo

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-access-token,x-auth-token,x-requested-domain,x-requested-with
Access-Control-Request-Method: POST
Origin: https://9xbuddy.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
access-control-allow-methods: POST
access-control-allow-origin: https://9xbuddy.org
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fbb2d57d8ec904c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:47:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ2kMwvrVkn0Hpd2Zdkgu7UwZ6RsJuTq4dbopsuqqh80fvVCzCapE9L3Fdr1GJEZPSuzYb2Le4BcI6VmzPQG9avI86cahRM2%2B8kiXzjBzco5GKaiD1qn9TPdNQWBJc9RvBZofrnFA3haG90%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/8.0.17 123sudo

POST
H3 200 6fbb2d550c4a9b2d Show response
9xbuddy.org/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
728 B 41ms
40ms XHR
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9xbuddy.org/cdn-cgi/challenge-platform/h/g/cv/result/6fbb2d550c4a9b2d

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1649923200

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Apr 2022 08:47:31 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i0yutnlObyq3qDEYCMx4JDDxt1%2B%2F12bnEvMddHzh0EsUYT9dyl3TkVN1z4eOsfZV5oMquSWjPV12v4PBXKmj3IqzNQSFtrSc%2BK8UjZYlpSSRPAB0TnAh%2BzWxSGzNiCJxfErq91nYaFfQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6fbb2d5bafaa8fe2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 extract Show response
ab.9xbud.com/ 5 KB
3 KB 453ms
452ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ab.9xbud.com/extract

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/669.efb9bf4cc96b05d12702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17, 123sudo

Resource Hash

8fa5584f5fb33267715e4926b83e8109524e64e412b2ab1de639bda8869907c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://9xbuddy.org/
x-auth-token: nqqSrJaV3WOf1J1rk5pml8Zuksiba5OaZpfGbpLIm2WPyoLglrKw4LqFf4mEisOCcbZ7scXYmMrbZtia
X-Requested-With: xmlhttprequest
x-access-token: mtna0qyclWOc25urxpSukqCknn2h38/OpcOVaZGTWV65maPIoKmqUIC5hpNpkJZvg7qipJhkcISpaGtZUqbW0qXHvZnFrqKqkWVom19lbVBasK62hq6SVM/MpJuCd5rHnKFgUHXN2NGmx5Vlk5NnZpBkbZ1nYG5lUrjHyJrUz2OYlnBklWZmmGFm
x-requested-domain: 9xbuddy.org

Response headers

date: Thu, 14 Apr 2022 08:47:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.17, 123sudo
access-control-allow-methods: POST
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fh2Uj2K3vlc6UGihQVCB62S3FMIv7UeJgnJEQiqlX19aNx%2BVothpSBZivgBy6cmWtaPTU%2BiXVtmCDvZkhhZJwMHl2YVkpbCzvHn14wPPzlQjXh6Xx9t3l%2BsaOfUlRMPL%2BEmMO7VwKZpDbyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://9xbuddy.org
access-control-allow-credentials: true
cf-ray: 6fbb2d5c0ef75c02-FRA
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token

OPTIONS
H3 200 extract
ab.9xbud.com/ 0
0 53ms
53ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ab.9xbud.com/extract

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.17 123sudo

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-access-token,x-auth-token,x-requested-domain,x-requested-with
Access-Control-Request-Method: POST
Origin: https://9xbuddy.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-requested-with,x-auth-token,x-requested-domain,x-access-token
access-control-allow-methods: POST
access-control-allow-origin: https://9xbuddy.org
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fbb2d5bbe7a5c02-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 08:47:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnwHHVNSkOXtTqo1t8zk8mjV4qB7DkPrmOWNJh4Ht92mpGG5J3vhnniDMFmt5S1zEPvyYZy9wBb6zJKaoyGd3UU%2BWE2oB1MQX9%2BMZtHAsVQTZleM3A7T8vMSVsjDyj0rdla6jcFr%2BFmqZKU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/8.0.17 123sudo

GET
H3 200 bddcb5cd2357411ec12c.png
9xbuddy.org/build/ 1 KB
2 KB 26ms
26ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9xbuddy.org/build/bddcb5cd2357411ec12c.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 123sudo

Resource Hash

be0fb81b1e6a4c784bae40dd35e460aa956802ef7a292f41fe6b973bfe9786ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/process?url=https://lajkema.com/v/4-6p2cz68kymwz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:47:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4243
x-powered-by: 123sudo
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1351
last-modified: Sat, 17 Jul 2021 06:03:08 GMT
server: cloudflare
x-frame-options: DENY
etag: "60f2729c-547"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXXIDPscnc3rfTEvPD7CGUanRnGvd%2BBRNUojaMi%2BOIzNcAgLDiyBYixUVA0Hd%2Balb7ecdwEGikHcuLDEKaVcfLYBEhfGgwiRY6jlS%2BArhg3ciMj%2BW%2Fv285BRPjYCWOScMFR8FVsQNJGXmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6fbb2d5efc558fe2-FRA

GET
H/1.1 200
OK 7972 Show response
baffledzein.com/rHH727qVeN4r6/ 5 B
1 KB 226ms
30ms Script
application/javascript 23.109.82.179
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://baffledzein.com/rHH727qVeN4r6/7972

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/389.efb9bf4cc96b05d12702.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.179 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:47:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://9xbuddy.org
Access-Control-Max-Age: 600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
X-Content-Type-Options: nosniff
Keep-Alive: timeout=20

GET
H/1.1 200
OK 40618 Show response
baffledzein.com/nQNFvR4pfdjHeE/ 0
0 25ms
25ms Script
text/html 23.109.82.179
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://baffledzein.com/nQNFvR4pfdjHeE/40618
Requested by: Host: 9xbuddy.org
URL: https://9xbuddy.org/build/389.efb9bf4cc96b05d12702.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 23.109.82.179 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 200
OK 9537 Show response
baffledzein.com/1clkn/ 6 B
355 B 74ms
25ms Script
application/javascript 23.109.82.179
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://baffledzein.com/1clkn/9537

Requested by

Host: 9xbuddy.org
URL: https://9xbuddy.org/build/389.efb9bf4cc96b05d12702.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.179 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9xbuddy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 08:47:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 9xbuddy.org
URL: https://9xbuddy.org/sw.js

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.9xbuddy.org/	1970-01-20 02:18:47	Name: __cf_bm Value: KPr8QTZZt6HLlCRSocw1W8qtMVypAb41PTL27Oyy0ZI-1649926051-0-AfeedgAphZ3VSVA7Zq8Vi32K+6jcwAtFOEkydtXVP7bN42z106oiZMnrdlYQy5uDz0+mxqwVi9BTc/oJvW6sW32dkxPx1TSgCVmT05k2XNgC1NMsYQ999GtyqbX2+u05aA==
baffledzein.com/	1970-01-20 02:20:12	Name: GL_UI4 Value: eJw9jd1OgzAcxYHy4TIhnoQH8BHKHHNcGh%2FCS9LSP6wO2qXUEd%2FexkSvzi%2FnIyeKoqSuEN9zBvYlWjyTPI78RchODefT63gSrVTycOiO8twq2XXY6bX3Qs7kUzxOZMjpoR%2BsohJPIfpzrsZuJkUmnTCqRLaExlyikM5uK7maITViIeTvF2eDZov4tA6s4TywNoFjjsSuNat2KD60UWFY7ZE0vCrzCPvbLPxo3dJrlcfIJicUIX7DwyA8TdZ9o1C0Xr29AXZW%2FX%2F%2F95dtDUeu6K6HcG79hdwPMfRLXQ%3D%3D
baffledzein.com/	1970-01-20 02:20:12	Name: GL_GI10 Value: eJw9i8sKwjAURGsq0aJVBvwAv6CQqrgWFRd%2BRKjtVbJobkjjI369%2BMDVzBzOJEkiZhMI4zAt1bpQalmUalWoRYn0Qgyx22Nc89UGH7WtWsLgQL6tbIT0dDFsc4y%2BRdfcUPJfbzlHvzYh5sje8RNS0zlkR4p3Os03B2SWgu4cUYNsy96xrwJh8qefm0wxNJ12nh9R9jANpqUnW9J8PncUpEDvJsUL9zY8WQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9xbuddy.com
9xbuddy.org
ab.9xbud.com
baffledzein.com
9xbuddy.org
23.109.82.179
2606:4700:3038::6815:eb51
2a06:98c1:3121::7
08d2242bfac729cedb2ed14f2a8f8fb89b459b80a1c89fba7e81b02e4fff5836
1eaaeccf42313180c4200961ed9eb27e567ec9b02b96645e61742e0314d4068b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
41670ef2c492b815f77ed4d079de7b882f8902d6e2433cd714a53c21168314ae
4b9a257d00ffb347a30530e9e3950fdb5da3544a987eacd26f5b158dfc471257
4f08f1bdc71549529316a382b2ba6527473d65d34d3f4f586849b695dae5af87
55340830b75351b2ad4154871c488f34c0b66c8cef18719f3f7a8f9dc190cd58
71b2c97435ca2c3ffa3bd24ecda0bd562b36273811f7e0bb86073892b35375f9
7bb82a598836ba91c6628904821d3a96ded2d87a4814eb8b4b8d33c2a603af30
847c9761fed7a63dce5a4eaf6de4f89fc40577c70b9365db184b5ea0452d7f29
8cfc77c8937257dd40ad59ae890c359ffe8e07d781a013d1b3b42ada5d9aced0
8fa5584f5fb33267715e4926b83e8109524e64e412b2ab1de639bda8869907c7
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
be0fb81b1e6a4c784bae40dd35e460aa956802ef7a292f41fe6b973bfe9786ca
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
db51a3ea831647cbd6448a4332af512492ddc9f9e6f76aece263125bf17946fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
faad4998d2ccf2375cdf14a2ffa2b8360a658562fbf030fdf3e1080c292cb61c

9xbuddy.org Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

95 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

165 kBTransfer

490 kBSize

3 Cookies

11 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

9xbuddy.org Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

165 kB
Transfer

490 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions