URL: https://saint2.su/embed/RB2iIllfh_N
Submission: On November 13 via manual — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 22 HTTP transactions. The main IP is 172.67.135.21, located in the United States and belonging to CLOUDFLARENET, US. The main domain is saint2.su. The Cisco Umbrella rank of the primary domain is 227546.
TLS certificate: Issued by WE1 on October 12th 2024. Valid for: 3 months.
This is the only time saint2.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS (Autonomous System)
2         172.67.135.21       13335 (CLOUDFLAR...)
2         2606:4700::68...    13335 (CLOUDFLAR...)
3         2606:4700:21:...    13335 (CLOUDFLAR...)
2         2400:52e0:1e0...    60068 (CDN77 _)
1 9       94.242.247.24       7979 (SERVERS-COM)
3         2606:4700:303...    13335 (CLOUDFLAR...)
1 1       212.117.190.217     7979 (SERVERS-COM)
2         94.242.247.32       ()
Totals: 22 requests, 8 IPs

Requests  Apex Domain                   Subdomains (Cisco Umbrella Rank)                    Transfer
6         divisiondrearilyunfiled.com   divisiondrearilyunfiled.com (35050)                 60 KB
5         saint2.su                     saint2.su (227546), ct1.saint2.su (293243)          83 KB
3         bankingbloatedcaptive.com     bankingbloatedcaptive.com (35536)                   85 KB
3         plyr.io                       cdn.plyr.io (12876)                                 42 KB
2         sheavvhhur.com                sheavvhhur.com                                      85 KB
2         bunny.net                     fonts.bunny.net (11595)                             21 KB
2         cloudflare.com                cdnjs.cloudflare.com (275)                          71 KB
1         coosync.com                   coosync.com (17848)                                 502 B
Totals: 22 requests, 8 apex domains

Requests  Domain                                      Requested by
6         divisiondrearilyunfiled.com (1 redirect)    saint2.su, divisiondrearilyunfiled.com
4         saint2.su                                   saint2.su
3         bankingbloatedcaptive.com                   saint2.su, bankingbloatedcaptive.com
3         cdn.plyr.io                                 saint2.su, cdn.plyr.io
2         sheavvhhur.com                              saint2.su, sheavvhhur.com
2         fonts.bunny.net                             saint2.su, fonts.bunny.net
2         cdnjs.cloudflare.com                        saint2.su
1         coosync.com (1 redirect)
1         ct1.saint2.su                               saint2.su
Totals: 22 requests, 9 subdomains

This site contains no links.

TLS certificates

Subject                 Issuer                   Validity                   Valid
saint2.su               WE1                      2024-10-12 - 2025-01-10    3 months
cdnjs.cloudflare.com    WE1                      2024-09-28 - 2024-12-27    3 months
cdn.plyr.io             Cloudflare Inc ECC CA-3  2024-03-11 - 2024-12-31    10 months
fonts.bunny.net         R10                      2024-10-02 - 2024-12-31    3 months
(not shown)             Buypass Class 2 CA 5     2024-09-20 - 2025-03-18    6 months

This page contains 4 frames:

Primary Page: https://saint2.su/embed/RB2iIllfh_N
Frame ID: E7F45DE36B58B4F4637B0D5F74930B34
Requests: 20 HTTP requests in this frame

Frame: https://divisiondrearilyunfiled.com/check.html
Frame ID: C8C26E2B047BDDC715CB07A6BA64700B
Requests: 1 HTTP request in this frame

Frame: https://bankingbloatedcaptive.com/check.html
Frame ID: 138A765D6E1C90E588B12D134EB2770C
Requests: 1 HTTP request in this frame

Frame: https://divisiondrearilyunfiled.com/sn/ps/2021529?im=1&puid=0&so=1&wcks=1
Frame ID: 64F9B6752DA43116F3641AECF779963C
Requests: 1 HTTP request in this frame

Page Title

d6642e415103bcba755147ad12d283e6.mp4

Detected technologies

Plyr (technology name inferred from the matched pattern; not shown in the capture)
Overall confidence: 100%
Detected patterns
  • https://cdn\.plyr\.io/([0-9.]+)/.+\.js

jQuery (technology name inferred from the matched patterns; not shown in the capture)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 50 %
Domains: 8
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 447 kB
Size: 1184 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://divisiondrearilyunfiled.com/sn/pr/2021529?zoneid=2021529&jp=_cl9osd9furdr9djmhvh6vz&nojs=0&abvar=0&febuild=1.0.388&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=2AD&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=kdF4W0kaHR0cHM6Ly9zYWludDIuc3UvZW1iZWQvUkIyaUlsbGZoX04&afid=1520848760772608&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&uf=0 HTTP 302
  • https://coosync.com/sn/c?zoneid=2021529&srp=MsgZp9dnguxs5vMj5-woz0MUyX3TcyuPsoPZLljyuP3lVQb2AboraKTiAZWwbrnoOixvBDTmvsniXGPy1XaLXuMOg8PEC43DarclBi78cdzezAnROR-EV_baf8R9cA==&im=1&wcks=1 HTTP 302
  • https://divisiondrearilyunfiled.com/sn/ps/2021529?im=1&puid=0&so=1&wcks=1

22 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Resource: RB2iIllfh_N (Primary Request) | Path: saint2.su/embed/ | Size: 22 KB | x-fer: 8 KB | Type: Document
General
Full URL
https://saint2.su/embed/RB2iIllfh_N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c00d6ef37423cfeaaa948dbf1f641d3f4bde29c8c592247053857adbe4b1d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e1c31018ed60288-CDG
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 13 Nov 2024 04:59:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q23la3TixhVIiOf5QYu%2BXbYufwDnTxQDQ6V6i2TrR1blFfd5kEjhG%2BZzAhxp99NNpSBKsyHAhNccYV6GTDPO2wco8Cw%2Fesyems6kR2NIXDyZ%2F3lKWP8TvUtP19g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=15204&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3935&recv_bytes=2298&delivery_rate=266315&cwnd=253&unsent_bytes=0&cid=b3d4b2ac32255b1c&ts=147&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff
Resource: jquery.js | Path: cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ | Size: 282 KB | x-fer: 69 KB | Type: Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.js
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://saint2.su
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"603e8adc-46744"
age
343044
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e8enhE0nHJRUzVlFVYtQHUCuN%2FE%2BK%2FpRkfCO36A%2F0tMmLWe8o0cgaTLqYfvURZodrvzQ%2FNYUQQR1Km91aey0egCn9IETOpaz9Uxzxeb3E%2B0D9oL0f4bpTgYWYrn3LthHGO%2BDmwiEvl5POgMAWL1nelV0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 03 Nov 2025 04:59:16 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e1c31042b26972f-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
70371
server
cloudflare
Resource: jquery.cookie.js | Path: cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.1/ | Size: 2 KB | x-fer: 1 KB | Type: Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.1/jquery.cookie.js
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f8d4cdb53aa201c8dd93712d1342157480d75d03859ea50656ab9ab3d298d30
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://saint2.su
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec1-85e"
age
423194
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ky9QjzdsSbe59j5uwjTP3ga6%2BjMmU%2B%2BIGGK24a2s8loe6KVu3zksiD9JPB1kN22qtKoVTuQmRkPzFaT6da5WViIOYUE1Usie5rME6%2FmOBHu9jIHHNcr8oon0oWjF125n9uW0hvZu9gBR25pIZMzlmBQH"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 03 Nov 2025 04:59:16 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e1c31042b27972f-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
789
server
cloudflare
Resource: plyr.css | Path: cdn.plyr.io/3.7.8/ | Size: 32 KB | x-fer: 6 KB | Type: Stylesheet
General
Full URL
https://cdn.plyr.io/3.7.8/plyr.css
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee720801746a99015c74144707638048778223b2520c8228b627f7262fb122b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"411acf0fd5fe4d42c580db72f82077fd"
age
442916
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQyjDjCrbcXw%2Ba3osh959iG7BNkZvOfUrNoGijYiIT6AgZLKsv81w6Y4S%2BAGCeCJpnj8eeYgw2MSKEoQfTvoLus%2BgQapQfYwAgmKOASrfi7s5pJEYrp8MnR4VSev6RYndVVBVEZschCY"}],"group":"cf-nel","max_age":604800}
cf-ray
8e1c31044fbf4d6a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7457&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3794&recv_bytes=2320&delivery_rate=479537&cwnd=254&unsent_bytes=0&cid=d4aba22263058169&ts=56&x=0"
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 20 Apr 2023 10:33:44 GMT
vary
Accept-Encoding
server
cloudflare
Resource: css | Path: fonts.bunny.net/ | Size: 3 KB | x-fer: 1 KB | Type: Stylesheet
General
Full URL
https://fonts.bunny.net/css?family=rubik:500
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
2ee82912be9e931f0b8e377aabf940c6956708b9fc2aed0356a7f1321c2f648e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
alt-svc
h3=":443"
date
Wed, 13 Nov 2024 04:59:16 GMT
last-modified
Wed, 30 Oct 2024 20:01:30 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
10/30/2024 20:01:30
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
943549029b6887a731303d7f038693f5
cdn-pullzone
781720
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
860
server
BunnyCDN-DE1-860
cdn-requestcountrycode
DE
Resource: plyr.js | Path: cdn.plyr.io/3.7.8/ | Size: 111 KB | x-fer: 34 KB | Type: Script
General
Full URL
https://cdn.plyr.io/3.7.8/plyr.js
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7572410db5bf0c2a553dc8f92e5127d25c8eef78cce7243687ff557aad99e59f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"714122a0383a143c50c9629e2bcb7e1f"
age
594421
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8y0NKWC9GAn0R3GU4TLxe%2FDbN%2BKiHUq8ZiHmiF2UEuJYrBGpjck4da1kHj84uG96qsesc0tVjAfpXnkRR3EcSh9777wJuPhByyMU4Sj6wIpx7ua%2B45D27PyhmX3XB0VnfYkFyIQG%2F6o"}],"group":"cf-nel","max_age":604800}
cf-ray
8e1c31044fc04d6a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7457&sent=18&recv=12&lost=0&retrans=0&sent_bytes=10132&recv_bytes=2320&delivery_rate=479537&cwnd=254&unsent_bytes=0&cid=d4aba22263058169&ts=58&x=0"
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 20 Apr 2023 10:33:44 GMT
vary
Accept-Encoding
server
cloudflare
Resource: player-additional.css | Path: saint2.su/css/ | Size: 6 KB | x-fer: 2 KB | Type: Stylesheet
General
Full URL
https://saint2.su/css/player-additional.css
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb8e34961f5716ecb8cf3e95e6473c4066bdfde2e05e72e5a1f6312ba480120
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/embed/RB2iIllfh_N

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6622a397-19c7"
age
1684
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2F4PgPDiKDfZEtwFtv1eDR5y84hWqxP9mqwoj8h1%2FG2o7FG%2FJAQv8llZzg7jPsTohG4jlcrWoh4HBtx5NfupgqM%2FDDlwz8LZTB2a%2FCXJ65F6XAjhUEslqVkbLI8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=15254&sent=18&recv=14&lost=0&retrans=0&sent_bytes=11962&recv_bytes=2466&delivery_rate=773823&cwnd=255&unsent_bytes=0&cid=b3d4b2ac32255b1c&ts=204&x=0"
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
text/css
last-modified
Fri, 19 Apr 2024 17:02:15 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1c31029f460288-CDG
server
cloudflare
Resource: code.js | Path: bankingbloatedcaptive.com/i/npage/2038581/ | Size: 240 KB | x-fer: 85 KB | Type: Script
General
Full URL
https://bankingbloatedcaptive.com/i/npage/2038581/code.js
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e77f6cb2ab3fbfdd6c590a93424dc1239c0271c420a2bc45253a5b82743dd43b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
W/"67335e53-3c27d"
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2
current
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 12 Nov 2024 13:55:31 GMT
server
nginx
vary
Accept-Encoding
Resource: b59f1f0f.js | Path: divisiondrearilyunfiled.com/aas/r45d/vki/2021529/ | Size: 146 KB | x-fer: 56 KB | Type: Script
General
Full URL
https://divisiondrearilyunfiled.com/aas/r45d/vki/2021529/b59f1f0f.js
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
82bdb8a95872c09cc0ee371d43b1090b984fdd4f114d05e89297b1caefdd3dfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
W/"67335e53-24928"
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2
current
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 12 Nov 2024 13:55:31 GMT
server
nginx
vary
Accept-Encoding
Resource: plyr.svg | Path: cdn.plyr.io/3.7.8/ | Size: 6 KB | x-fer: 3 KB | Type: XHR
General
Full URL
https://cdn.plyr.io/3.7.8/plyr.svg
Requested by
Host: cdn.plyr.io
URL: https://cdn.plyr.io/3.7.8/plyr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"3a727a9b7eef825081d78cc6e48aaadf"
age
680503
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8FyQyD%2ByEvmvZirV9ZVlfrZOO9vsJYqLr6JcpohL2mJb5e1b8ezUWNMd0o%2FYnUv2BAsZyCQiPEywiWpHg0a7EuFC39rbAtuaaVozwZRiVttDW5mf2FKQkZVhFsb9XKxSoFavPcjGZr1D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7681&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3794&recv_bytes=2254&delivery_rate=667001&cwnd=253&unsent_bytes=0&cid=f9ef0b051855a814&ts=26&x=0"
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
image/svg+xml
last-modified
Thu, 20 Apr 2023 10:33:44 GMT
vary
Origin, Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e1c31054a37dbd2-FRA
access-control-allow-origin
*
server
cloudflare
Resource: saintLogo.png | Path: saint2.su/assets/ | Size: 40 KB | x-fer: 41 KB | Type: Image
General
Full URL
https://saint2.su/assets/saintLogo.png
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876e378d0fd81a2398b7634a828c983d334c578ece02066a8c14cbe24c5c687c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/embed/RB2iIllfh_N

Response headers

cf-cache-status
HIT
etag
"626dab1c-a0b3"
age
7164
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iom26ZMpFXh%2Ff1tbS%2By%2FErS6Qm4%2FbyTYuBlqXB%2BxampipPTAmojiFN6lmx6ESUYgJ6zoz9x%2BQ3ouTiiV65xPSNSlb%2BMmUEn9RXnfJlDYhzUhX175X3l5q67lo6LEPK8lXxAEnas2mro%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=154840&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4135&recv_bytes=5510&delivery_rate=21606&cwnd=12000&unsent_bytes=0&cid=d7c1e6c59046fa26&ts=192&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
image/png
last-modified
Sat, 30 Apr 2022 21:33:16 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1c31059b65a35f-SEA
accept-ranges
bytes
content-length
41139
server
cloudflare
Resource: rubik-latin-500-normal.woff2 | Path: fonts.bunny.net/rubik/files/ | Size: 19 KB | x-fer: 19 KB | Type: Font
General
Full URL
https://fonts.bunny.net/rubik/files/rubik-latin-500-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=rubik:500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-860 /
Resource Hash
7f9ea3a91849752f729cf003b4839b162db15e3bcb57a4dd8fb2533fab377aad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://saint2.su
Referer
https://fonts.bunny.net/css?family=rubik:500

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"66f08eca-4ac4"
cdn-fileserver
637
date
Wed, 13 Nov 2024 04:59:16 GMT
cdn-storageserver
DE-634
content-type
font/woff2
last-modified
Sun, 22 Sep 2024 21:40:26 GMT
cdn-cachedat
10/19/2024 15:52:33
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cache-control
public, max-age=2592000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid
a7e1245b81bd394575aaeca5a9c23980
cdn-pullzone
781720
cdn-proxyver
1.04
accept-ranges
bytes
access-control-allow-origin
*
content-length
19140
cdn-edgestorageid
860
server
BunnyCDN-DE1-860
cdn-requestcountrycode
DE
Resource: 6725afc33ecde-1730523075.jpg | Path: ct1.saint2.su/thumbs/ | Size: 30 KB | x-fer: 30 KB | Type: Image
General
Full URL
https://ct1.saint2.su/thumbs/6725afc33ecde-1730523075.jpg
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951eb2f2e4af6469663859b8d9e4d90dde5d79285d970e5d916bc0b48f83bca2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

cf-cache-status
HIT
etag
"6725afc3-767e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHBumiTQo5MSd2Q8TpM6MS0Myju9xj3iCWlzYtG9%2BAI04xB2ACUGYt925na1iJ5%2F381jRzC4HIw1I3OhHZ6hHw4z42VVW0QB3bQTyqWx4KVJtMF%2BXVdc1fsalZzjJzoutDllLQ2ktfCWlMhE"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=172152&sent=41&recv=16&lost=0&retrans=0&sent_bytes=36877&recv_bytes=6188&delivery_rate=77601&cwnd=21300&unsent_bytes=0&cid=d7c1e6c59046fa26&ts=443&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 13 Nov 2024 04:59:16 GMT
content-type
image/jpeg
last-modified
Sat, 02 Nov 2024 04:51:15 GMT
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
*
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e1c31060beca35f-SEA
accept-ranges
bytes
access-control-allow-origin
*
content-length
30334
server
cloudflare
Resource: check.html | Path: divisiondrearilyunfiled.com/ (Frame C8C2) | Size: 0 | x-fer: 0 | Type: Document
General
Full URL
https://divisiondrearilyunfiled.com/check.html
Requested by
Host: divisiondrearilyunfiled.com
URL: https://divisiondrearilyunfiled.com/aas/r45d/vki/2021529/b59f1f0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://saint2.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 04:59:16 GMT
etag
W/"672b6939-394"
last-modified
Wed, 06 Nov 2024 13:03:53 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-js-ab
var636
Resource: check.html | Path: bankingbloatedcaptive.com/ (Frame 138A) | Size: 0 | x-fer: 0 | Type: Document
General
Full URL
https://bankingbloatedcaptive.com/check.html
Requested by
Host: bankingbloatedcaptive.com
URL: https://bankingbloatedcaptive.com/i/npage/2038581/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://saint2.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 04:59:17 GMT
etag
W/"672b6c05-394"
last-modified
Wed, 06 Nov 2024 13:15:49 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-js-ab
var638
Resource: solid.gif | Path: divisiondrearilyunfiled.com/ | Size: 43 B | x-fer: 639 B | Type: Ping
General
Full URL
https://divisiondrearilyunfiled.com/solid.gif?z=2021529&nojs=0&abvar=0&febuild=1.0.388&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=2AD&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=kdF4W0kaHR0cHM6Ly9zYWludDIuc3UvZW1iZWQvUkIyaUlsbGZoX04&afid=1520848760772608&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5
Requested by
Host: divisiondrearilyunfiled.com
URL: https://divisiondrearilyunfiled.com/aas/r45d/vki/2021529/b59f1f0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

x-route-id
stats.tag.loaded
content-length
43
date
Wed, 13 Nov 2024 04:59:17 GMT
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type
image/gif
timing-allow-origin
*
server
nginx
Resource: 2021529 | Path: divisiondrearilyunfiled.com/get/ | Size: 4 KB | x-fer: 3 KB | Type: Script
General
Full URL
https://divisiondrearilyunfiled.com/get/2021529?zoneid=2021529&jp=_cl9osd9furdr9djmhvh6vz&nojs=0&abvar=0&febuild=1.0.388&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=2AD&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=kdF4W0kaHR0cHM6Ly9zYWludDIuc3UvZW1iZWQvUkIyaUlsbGZoX04&afid=1520848760772608&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&uf=0
Requested by
Host: divisiondrearilyunfiled.com
URL: https://divisiondrearilyunfiled.com/aas/r45d/vki/2021529/b59f1f0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2ea643cbd189ae7856f6dc97e6002ba13c9b636a8b9cb4bebeb88bea920d5307

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

timing-allow-origin
*
x-route-id
config
content-encoding
gzip
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date
Wed, 13 Nov 2024 04:59:17 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
Resource: 2021529 | Path: divisiondrearilyunfiled.com/sn/ps/ (Frame 64F9) | Size: 0 | x-fer: 0 | Type: Document
Redirect Chain
  • https://divisiondrearilyunfiled.com/sn/pr/2021529?zoneid=2021529&jp=_cl9osd9furdr9djmhvh6vz&nojs=0&abvar=0&febuild=1.0.388&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&...
  • https://coosync.com/sn/c?zoneid=2021529&srp=MsgZp9dnguxs5vMj5-woz0MUyX3TcyuPsoPZLljyuP3lVQb2AboraKTiAZWwbrnoOixvBDTmvsniXGPy1XaLXuMOg8PEC43DarclBi78cdzezAnROR-EV_baf8R9cA==&im=1&wcks=1
  • https://divisiondrearilyunfiled.com/sn/ps/2021529?im=1&puid=0&so=1&wcks=1
General
Full URL
https://divisiondrearilyunfiled.com/sn/ps/2021529?im=1&puid=0&so=1&wcks=1
Requested by
Host: divisiondrearilyunfiled.com
URL: https://divisiondrearilyunfiled.com/aas/r45d/vki/2021529/b59f1f0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://saint2.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 04:59:17 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
cookie.user_id.pre_sync.final

Redirect headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-length
108
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 04:59:17 GMT
location
https://divisiondrearilyunfiled.com/sn/ps/2021529?im=1&puid=0&so=1&wcks=1
server
nginx
timing-allow-origin
*
x-route-id
cookie.user_id.sync
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
2038581
bankingbloatedcaptive.com/get/
37 B
682 B
Script
General
Full URL
https://bankingbloatedcaptive.com/get/2038581?zoneid=2038581&jp=_cl4b31u9oj7u5eoi6lm2yv&nojs=0&abvar=0&febuild=1.0.388&t=0&wcks=1&wgl=1&cnvs=1&os=-60&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=3&es=14&th=2AD&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=fYBgTLnaHR0cHM6Ly9zYWludDIuc3UvZW1iZWQvUkIyaUlsbGZoX04&afid=8839198155257344&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&freq=0&uf=0
Requested by
Host: bankingbloatedcaptive.com
URL: https://bankingbloatedcaptive.com/i/npage/2038581/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.24 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

timing-allow-origin
*
x-route-id
config
content-encoding
gzip
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date
Wed, 13 Nov 2024 04:59:17 GMT
content-type
text/javascript
vary
Accept-Encoding
server
nginx
favicon-32x32.png
saint2.su/icons/
1 KB
2 KB
Other
General
Full URL
https://saint2.su/icons/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94945f556111779fb965cbf0e4cff1f119227dc0b259b54e2f8339ccbcd39413
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/embed/RB2iIllfh_N

Response headers

cf-cache-status
HIT
etag
"6292b7ea-5aa"
age
3973
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BGmQ3V4%2F1ZZIg9d%2Bt8jN0ICbpfD1Wso0WjCqlfoiBKwVYSrACsXvOyEWTBUo%2BR1sAQMPcKPciARxucIsO6BIOchxDWnbFvk9KTWQk%2F3X2iQJzR1qD6J3C%2FyzCEYEiuqyTdwcbWJqt8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=166654&sent=80&recv=46&lost=0&retrans=0&sent_bytes=78781&recv_bytes=7856&delivery_rate=104935&cwnd=40800&unsent_bytes=0&cid=d7c1e6c59046fa26&ts=869&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 13 Nov 2024 04:59:17 GMT
content-type
image/png
last-modified
Sun, 29 May 2022 00:01:46 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1c3109cfafa35f-SEA
accept-ranges
bytes
content-length
1450
server
cloudflare
xiwwz
sheavvhhur.com/en/
241 KB
85 KB
Script
General
Full URL
https://sheavvhhur.com/en/xiwwz?wol=qk&bptqxr=aziiiips&yiikbt=ok&id=2038581&uqhv=mevu&lmc=ztusy&fs=148279&enhphs=641720
Requested by
Host: saint2.su
URL: https://saint2.su/embed/RB2iIllfh_N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a1fb64458ae336392c18757d46b6e2fff14b2d2cef473ce7d174d7673bbd66b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

content-encoding
gzip
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag
W/"67335e53-3c27d"
date
Wed, 13 Nov 2024 04:59:21 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 12 Nov 2024 13:55:31 GMT
server
nginx
vary
Accept-Encoding
saj
sheavvhhur.com/en/ltal/
37 B
730 B
Script
General
Full URL
https://sheavvhhur.com/en/ltal/saj?uwtcay=zx&fj=1&zjr=689986&cdtko=0&xtw=wyqmo&zy=985847&wzw=&jb=Exkhcj/Bpmcmv&draw=mhjr&abp=0&egf=&gb=14&uax=Iyiibz%20Imcy%20OclzGL%20Ejywoj&ddwn=&uxt=&xs=-60&jjp=PDF%20Vhdqiiz::Cvsydv%20PDF%20Vprrdii::Cdgpymdd%20PDF%20Vpbwwb::Mfndyazcu%20Equw%20PDF%20Vnxapw::WnpKiin%20qrqqz-mc%20PDF&vcmw=bk-DE&gkvrdqv=1.0.388&dj=_nnjii2qcleq4p6r61o2vc1r&iijm=&us=0&knuz=1&l=0&zd=Lxhsz%20z86_64&atotl=0&tiioy=1&rvf=&fcrz=&b=1600&jt=8&ko=1&esdhcm=641720&tyii=5&eh=2AD&gy=10&uhes=0&gh=5&ze=0&uqt=YWhmaM1gHR0eHM6Ln9pYWxnvDIpg3UxZW1eZWQhUeIccUqsdGZkX04&rxeg=2365273691257856&id=2038581&wah=Ivzxk%20Iny.&touhry=grkexnwd&uu=3&qyc=0&cxr=1&iivwc=0&cw=0&g=1200&xwo=wa&uiim=tsjrb&mc=0&pf=0&kc=24&ge=148279&jk=1
Requested by
Host: sheavvhhur.com
URL: https://sheavvhhur.com/en/xiwwz?wol=qk&bptqxr=aziiiips&yiikbt=ok&id=2038581&uqhv=mevu&lmc=ztusy&fs=148279&enhphs=641720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.247.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://saint2.su/

Response headers

x-route-id
config
content-encoding
gzip
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
date
Wed, 13 Nov 2024 04:59:21 GMT
content-type
text/javascript
vary
Accept-Encoding
server
nginx

Verdicts & Comments

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Plyr function| sendAnalyticsData function| ping function| 2038581__cngfg__eu function| cphxzio function| 2021530__cngfg__eu function| sjlbhfs object| 2038581__cngfg object| 2021530__cngfg function| handleException function| k9WW boolean| zfgcodeloadedonclick number| onclHspc object| oncontextstore object| RmVlZEZyZXFDYXBTdG9yYWdl string| UGVyc2lzdFN0b3JhZ2U function| x5EE boolean| zfgcodeloadedinpage number| cs__param function| _cl9osd9furdr9djmhvh6vz number| puidSyncFrame function| _cl7ysybiyljs99rdtudqvl function| onClickTrigger boolean| zfgloadedpopup function| _cl4b31u9oj7u5eoi6lm2yv

10 Cookies

Domain/Path Name / Value
.saint2.su/ Name: PHPSESSID
Value: 6c0lkk31vohsv6tck24rqa8420
saint2.su/ Name: UGVyc2lzdFN0b3JhZ2U
Value: %7B%7D
divisiondrearilyunfiled.com/ Name: cart
Value: 1
divisiondrearilyunfiled.com/ Name: cart_p
Value: 2
divisiondrearilyunfiled.com/ Name: CHCK
Value: 1
divisiondrearilyunfiled.com/ Name: UID
Value: 24111223597111d39707a4448191c961aa85
bankingbloatedcaptive.com/ Name: cart
Value: 1
bankingbloatedcaptive.com/ Name: cart_p
Value: 2
bankingbloatedcaptive.com/ Name: CHCK
Value: 1
bankingbloatedcaptive.com/ Name: UID
Value: 24111223595e3b4581b7a74a3b90d335f93d

6 Console Messages

Source Level URL
Text
rendering warning URL: https://saint2.su/embed/RB2iIllfh_N
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0009F0074370000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://saint2.su/embed/RB2iIllfh_N
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040F20674370000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://saint2.su/embed/RB2iIllfh_N
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070070374370000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://saint2.su/embed/RB2iIllfh_N
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0D0F20674370000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://saint2.su/embed/RB2iIllfh_N
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F0400574370000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://saint2.su/embed/RB2iIllfh_N
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090130874370000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankingbloatedcaptive.com
cdn.plyr.io
cdnjs.cloudflare.com
coosync.com
ct1.saint2.su
divisiondrearilyunfiled.com
fonts.bunny.net
saint2.su
sheavvhhur.com
172.67.135.21
212.117.190.217
2400:52e0:1e00::860:1
2606:4700:21::681b:c358
2606:4700:3032::ac43:8715
2606:4700::6811:180e
94.242.247.24
94.242.247.32
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
2ea643cbd189ae7856f6dc97e6002ba13c9b636a8b9cb4bebeb88bea920d5307
2ee720801746a99015c74144707638048778223b2520c8228b627f7262fb122b
2ee82912be9e931f0b8e377aabf940c6956708b9fc2aed0356a7f1321c2f648e
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
4bb8e34961f5716ecb8cf3e95e6473c4066bdfde2e05e72e5a1f6312ba480120
5f8d4cdb53aa201c8dd93712d1342157480d75d03859ea50656ab9ab3d298d30
7572410db5bf0c2a553dc8f92e5127d25c8eef78cce7243687ff557aad99e59f
7f9ea3a91849752f729cf003b4839b162db15e3bcb57a4dd8fb2533fab377aad
82bdb8a95872c09cc0ee371d43b1090b984fdd4f114d05e89297b1caefdd3dfe
876e378d0fd81a2398b7634a828c983d334c578ece02066a8c14cbe24c5c687c
94945f556111779fb965cbf0e4cff1f119227dc0b259b54e2f8339ccbcd39413
951eb2f2e4af6469663859b8d9e4d90dde5d79285d970e5d916bc0b48f83bca2
a1fb64458ae336392c18757d46b6e2fff14b2d2cef473ce7d174d7673bbd66b0
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165
e2c00d6ef37423cfeaaa948dbf1f641d3f4bde29c8c592247053857adbe4b1d5
e77f6cb2ab3fbfdd6c590a93424dc1239c0271c420a2bc45253a5b82743dd43b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629