urlscan.io logo urlscan.io
SecurityTrails logo

e5a5dc93.braraildye.live Open in urlscan Pro
3.76.71.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bt3.itotf.net/
Effective URL: https://e5a5dc93.braraildye.live/feismcgw/?u=pe7k605&o=3u0gcu2&f=1&sid=t2~zjlwpx3rffyhs45hrl3seq3b&fp=w6N7Sc9ZZC0tvfTYtyk7gw%3D%3D
Submission: On November 17 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 8 domains to perform 28 HTTP transactions. The main IP is 3.76.71.197, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is e5a5dc93.braraildye.live.
TLS certificate: Issued by E6 on November 6th 2024. Valid for: 3 months.
This is the only time e5a5dc93.braraildye.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 188.114.96.3 13335 (CLOUDFLAR...)
1 2 88.212.202.52 39134 (UNITEDNET...)
1 1 185.155.184.50 6898 (AS-6898 A...)
17 188.114.97.3 13335 (CLOUDFLAR...)
4 172.217.18.99 15169 (GOOGLE)
2 172.67.182.239 13335 (CLOUDFLAR...)
1 3.76.71.197 16509 (AMAZON-02)
28 7
3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
bt3.itotf.net
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host152.rax.ru
counter.yadro.ru
1    185.155.184.50 (Switzerland)

ASN6898 (AS-6898 AS5398 SA, CH)
mvgde.polluxcastor.top
17    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
mvgde.thi-tl-310-a.buzz
cdnstatic.thi-tl-310-a.buzz
4    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net
www.gstatic.com
2    172.67.182.239 (United States)

ASN13335 (CLOUDFLARENET, US)
bet8323.com
1    3.76.71.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-71-197.eu-central-1.compute.amazonaws.com
e5a5dc93.braraildye.live
Apex Domain
Subdomains		 Transfer
17 thi-tl-310-a.buzz
mvgde.thi-tl-310-a.buzz
cdnstatic.thi-tl-310-a.buzz
46 KB
4 gstatic.com
www.gstatic.com
19 KB
3 itotf.net
bt3.itotf.net
6 KB
2 bet8323.com
bet8323.com
17 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 15372
1 KB
1 braraildye.live
e5a5dc93.braraildye.live
2 KB
1 polluxcastor.top
mvgde.polluxcastor.top
677 B
0 google.com Failed
play.google.com Failed
28 8
Domain Requested by
11 mvgde.thi-tl-310-a.buzz bt3.itotf.net
mvgde.thi-tl-310-a.buzz
cdnstatic.thi-tl-310-a.buzz
6 cdnstatic.thi-tl-310-a.buzz mvgde.thi-tl-310-a.buzz
cdnstatic.thi-tl-310-a.buzz
4 www.gstatic.com cdnstatic.thi-tl-310-a.buzz
3 bt3.itotf.net 1 redirects bt3.itotf.net
2 bet8323.com
2 counter.yadro.ru 1 redirects
1 e5a5dc93.braraildye.live bet8323.com
1 mvgde.polluxcastor.top 1 redirects
0 play.google.com Failed e5a5dc93.braraildye.live
28 9

This site contains no links.

Subject Issuer Validity Valid
itotf.net
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
thi-tl-310-a.buzz
WE1		 2024-10-03 -
2025-01-01		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
bet8323.com
WE1		 2024-11-05 -
2025-02-03		 3 months crt.sh
braraildye.live
E6		 2024-11-06 -
2025-02-04		 3 months crt.sh

This page contains 1 frames:

Frame: https://play.google.com/store/apps/details?id=com.ss.android.ugc.trill
Frame ID: C49F2D83AAC4ED1563FBD3B159C787B7
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Redirect

Page URL History Show full URLs

  1. https://bt3.itotf.net/ Page URL
  2. https://bt3.itotf.net/ HTTP 301
    https://mvgde.polluxcastor.top/?pl=wyqwIiui3U-oMKNOfTV6Dg HTTP 302
    https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&h... Page URL
  3. https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&h... Page URL
  4. https://cdnstatic.thi-tl-310-a.buzz/ps/tb?id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&sub_id=&click_id=&nrid=70eaccb7fffbc8... Page URL
  5. https://bet8323.com/?u=pe7k605&o=3u0gcu2 Page URL
  6. https://e5a5dc93.braraildye.live/feismcgw/?u=pe7k605&o=3u0gcu2&f=1&sid=t2~zjlwpx3rffyhs45hrl3seq3b&fp=w6N7Sc9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Page Statistics

28
Requests

93 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

7
IPs

5
Countries

89 kB
Transfer

319 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bt3.itotf.net/ Page URL
  2. https://bt3.itotf.net/ HTTP 301
    https://mvgde.polluxcastor.top/?pl=wyqwIiui3U-oMKNOfTV6Dg HTTP 302
    https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454 Page URL
  3. https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454 Page URL
  4. https://cdnstatic.thi-tl-310-a.buzz/ps/tb?id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&sub_id=&click_id=&nrid=70eaccb7fffbc8ef389147f74aa8742d&reason=tb_exit&attempt=1 Page URL
  5. https://bet8323.com/?u=pe7k605&o=3u0gcu2 Page URL
  6. https://e5a5dc93.braraildye.live/feismcgw/?u=pe7k605&o=3u0gcu2&f=1&sid=t2~zjlwpx3rffyhs45hrl3seq3b&fp=w6N7Sc9ZZC0tvfTYtyk7gw%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://counter.yadro.ru/hit;lootraff?r;s1600*1200*24;uhttps%3A//bt3.itotf.net/;hWacht.;0.6470504229360243 HTTP 302
  • https://counter.yadro.ru/hit;lootraff?q;r;s1600*1200*24;uhttps%3A//bt3.itotf.net/;hWacht.;0.6470504229360243
Request Chain 3
  • https://bt3.itotf.net/ HTTP 301
  • https://mvgde.polluxcastor.top/?pl=wyqwIiui3U-oMKNOfTV6Dg HTTP 302
  • https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Request Chain 28
  • https://e5a5dc93.braraildye.live/web/?sid=t2~zjlwpx3rffyhs45hrl3seq3b HTTP 302
  • https://play.google.com/store/apps/details?id=com.ss.android.ugc.trill

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bt3.itotf.net/ 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bt3.itotf.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e215b5487bbc85592b42d50aca781eb8711772f1736cea8aeda233b86f444c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e414ee6492d0a55-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 17 Nov 2024 17:05:54 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
</antibot777--/ab.php>; rel=dns-prefetch
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOB3tH0KsF7XwIX3NYV%2B8l65DEeJp4LI0bQLo%2F3vvCG9KDoG6HSx0gWxh1QYLjjA6u02sRL8MftxkuvEqgEB3GmG1mZThhzYkr%2FxPb6IM9nqx1Le56k8omN2vKhTLIp%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15413&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4532&delivery_rate=648&cwnd=12000&unsent_bytes=0&cid=a04c5faabe953f20&ts=487&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-robots-tag
noindex
hit;lootraff
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;lootraff?r;s1600*1200*24;uhttps%3A//bt3.itotf.net/;hWacht.;0.6470504229360243
  • https://counter.yadro.ru/hit;lootraff?q;r;s1600*1200*24;uhttps%3A//bt3.itotf.net/;hWacht.;0.6470504229360243
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;lootraff?q;r;s1600*1200*24;uhttps%3A//bt3.itotf.net/;hWacht.;0.6470504229360243
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bt3.itotf.net/

Response headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Fri, 17 Nov 2023 21:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Sun, 17 Nov 2024 17:05:54 GMT
Content-Type
image/gif
Server
nginx/1.17.9

Redirect headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Location
https://counter.yadro.ru/hit;lootraff?q;r;s1600*1200*24;uhttps%3A//bt3.itotf.net/;hWacht.;0.6470504229360243
Pragma
no-cache
Connection
keep-alive
Expires
Fri, 17 Nov 2023 21:00:00 GMT
Content-Length
32
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Sun, 17 Nov 2024 17:05:54 GMT
Content-Type
text/html
Server
nginx/1.17.9
ab.php
bt3.itotf.net/antibot777--/ 		72 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bt3.itotf.net/antibot777--/ab.php
Requested by
Host: bt3.itotf.net
URL: https://bt3.itotf.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded;
Referer
https://bt3.itotf.net/

Response headers

x-robots-tag
noindex
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2mY32R3VHYW3Ah69UGLg9GkBJN4lbwAdr99paY%2BxlCPzpPWcPlfYWaSCSHOoatOHIPE2YESY6YQ1MF3DslQE602faXxYIUfmrvkUwWtkUyNB7xYMP2pHsZpiENN4aJ5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16169&sent=18&recv=15&lost=0&retrans=0&sent_bytes=8323&recv_bytes=5390&delivery_rate=220002&cwnd=12000&unsent_bytes=0&cid=a04c5faabe953f20&ts=649&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
*
cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-cms
AntiBot.Cloud (See: https://antibot.cloud/)
cf-ray
8e414ee99d280a55-AMS
access-control-allow-origin
*
server
cloudflare
/
mvgde.thi-tl-310-a.buzz/a1/
Redirect Chain
  • https://bt3.itotf.net/
  • https://mvgde.polluxcastor.top/?pl=wyqwIiui3U-oMKNOfTV6Dg
  • https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
11 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Requested by
Host: bt3.itotf.net
URL: https://bt3.itotf.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f96ce7def8198449e0ab0efaeafc50b1819a882aff92f80b1fb87fa280d0b5d

Request headers

Referer
https://bt3.itotf.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e414eecccbf6563-AMS
content-encoding
zstd
content-type
text/html
date
Sun, 17 Nov 2024 17:05:54 GMT
last-modified
Sun, 17 Nov 2024 02:36:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9Y95cNeX7siUistW65l%2B7npKKQFmmgiJ7T8QmTWqwfKkN4yWUfSZaapBGHPn2PLno%2B%2BkUOJ45ft42ogXSyEIQTYxfiFsdukMbO2zqMFZoBu9oVXYf1mT3BUZB8jS%2Bp8ujtAN%2FdKvZb4mg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=34229&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4237&recv_bytes=4603&delivery_rate=875&cwnd=12000&unsent_bytes=0&cid=2f3901677d4598e6&ts=134&x=1" cfHdrFlush;dur=0
vary
accept-encoding

Redirect headers

Accept-CH
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 17 Nov 2024 17:05:54 GMT
Location
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Server
nginx
t.js
mvgde.thi-tl-310-a.buzz/a1/assets/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/a1/assets/t.js
Requested by
Host: mvgde.thi-tl-310-a.buzz
URL: https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"673956aa-1e6a"
age
627
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vi2RnKwoRTiO7a7cECPDQw9u6yE0ZsTFncY4mdGtTGvrQr2JYmLTzW0teZkyQXZo9KJod9uKFp6IL1hk5Rch5gTGwNxCdWu%2BmTrfNi9hYkfR389SAKQLIhnctLBt9%2FlNy4%2B6pY81VIybkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414eedce1f6563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27748&sent=24&recv=17&lost=0&retrans=0&sent_bytes=16016&recv_bytes=5989&delivery_rate=120173&cwnd=12000&unsent_bytes=0&cid=2f3901677d4598e6&ts=258&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:54 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 02:36:26 GMT
vary
Accept-Encoding
server
cloudflare
style.css
mvgde.thi-tl-310-a.buzz/a1/assets/ 		595 B
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/a1/assets/style.css
Requested by
Host: mvgde.thi-tl-310-a.buzz
URL: https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e992932bc74e41cb59108c3700c7bd98f941c475ac2a19d2c0b48964551901f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"673956aa-253"
age
627
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNzPPZbETlthjtFBLr7eX2y9gFNulM2Hm8L%2B0PP%2FFM55OwsIVrNmK9WqCnmwDkS%2B0AyrsHbr0PGBLbt1v9qZPUMu%2FXYJKwFvf5%2BSdtcKGCdM%2BKl7yGAclBLibT5SpTtGw0qnRJ8TWeRzWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414eedce206563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27748&sent=23&recv=17&lost=0&retrans=0&sent_bytes=15032&recv_bytes=5989&delivery_rate=120173&cwnd=12000&unsent_bytes=0&cid=2f3901677d4598e6&ts=255&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:54 GMT
content-type
text/css
last-modified
Sun, 17 Nov 2024 02:36:26 GMT
vary
Accept-Encoding
server
cloudflare
static-pl.js
mvgde.thi-tl-310-a.buzz/shared-js/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/shared-js/assets/static-pl.js?v=5
Requested by
Host: mvgde.thi-tl-310-a.buzz
URL: https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7388e3f47b4385a2f508fba43e6988e40554d6a72b44d249ce6756ad17a23825

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"673956aa-ec8"
age
1764
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptw%2B3%2FyoBhedC0gA4GPnAEzmv0GPZtJYJvGfAE%2BsMEo49uzW2pmq2cyaEyIRdzXjkaa4ZPgCNjeE8ZwrDKZkPoU1ffHI9ZPIVGfvb%2BFpt6VJA7IJUbFIDFkjZ5mq3w6EKwqJi%2FOyTbil%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414eedce226563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27748&sent=21&recv=17&lost=0&retrans=0&sent_bytes=12952&recv_bytes=5989&delivery_rate=120173&cwnd=12000&unsent_bytes=0&cid=2f3901677d4598e6&ts=254&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:54 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 02:36:26 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
ps.js
cdnstatic.thi-tl-310-a.buzz/ps/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Requested by
Host: mvgde.thi-tl-310-a.buzz
URL: https://mvgde.thi-tl-310-a.buzz/shared-js/assets/static-pl.js?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b56ab2d894786a43f70327e68a29bad6d70ee3ff691c9264cb9d8a0e48c94bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3lxd7ldmJBPF9w%2BpFQOvKGC3mb0tL3%2FY0%2BZ7gfszW%2BW3bKzg25PgJ%2Bdg7j63klprw4758jtsAtnNGQATJ5ms9F9f%2BQEgPm3DLTI4%2FVdb4m20Bu8Bun0ViCTqHlEctVg2eNWUHfyCfvj5JMx46s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414eef3ff26563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28329&sent=28&recv=21&lost=0&retrans=0&sent_bytes=18520&recv_bytes=6549&delivery_rate=223559&cwnd=12000&unsent_bytes=0&cid=2f3901677d4598e6&ts=523&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:55 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
config.js
cdnstatic.thi-tl-310-a.buzz/ps/ 		364 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnstatic.thi-tl-310-a.buzz/ps/config.js?id=wyqwIiui3U-oMKNOfTV6Dg
Requested by
Host: cdnstatic.thi-tl-310-a.buzz
URL: https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0bb8b7a4d64839b86f8ee7fd4c1e9e0cd914e00e73006921ebace3cdc24047

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JE%2FjgPvviYwPmZOuO9AytbKHRwCVjePEM8ADDbBiBAfS2F8YsWrMtqNN5aupU2NrEwqv5%2BRTCv%2BYratOsUJrY49A2bDS8%2BNuuXRYSg6eoENnYSAzv4NGwKcBvVXL2SgwkeLvZ%2BZ6lTMLaSYieEw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414ef009116563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24077&sent=42&recv=29&lost=0&retrans=0&sent_bytes=33393&recv_bytes=7182&delivery_rate=111437&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=658&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:55 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.thi-tl-310-a.buzz
URL: https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/

Response headers

content-encoding
gzip
age
308718
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 03:20:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:20:37 GMT
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
9308
x-xss-protection
0
server
sffe
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: cdnstatic.thi-tl-310-a.buzz
URL: https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/

Response headers

content-encoding
gzip
age
290104
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 08:30:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 08:30:51 GMT
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
9934
x-xss-protection
0
server
sffe
favicon.ico
mvgde.thi-tl-310-a.buzz/ 		0
585 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
7183
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DObvf59VU8qvQZiQ40jIR0SFdaIshfcOtFggO80yzssyXvU8Mt67TmwLBVgEYIzXnBlwWHjEZcLY6xvJpPCucBXEXwBV0LDfIXHmjOBEb9vruC9v0L4yu9yh%2F8XNBBTFetZ8SbGsPmkZpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414ef1cb426563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26064&sent=46&recv=32&lost=0&retrans=0&sent_bytes=35056&recv_bytes=8122&delivery_rate=10110&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=899&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:55 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
mvgde.thi-tl-310-a.buzz/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
7183
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DObvf59VU8qvQZiQ40jIR0SFdaIshfcOtFggO80yzssyXvU8Mt67TmwLBVgEYIzXnBlwWHjEZcLY6xvJpPCucBXEXwBV0LDfIXHmjOBEb9vruC9v0L4yu9yh%2F8XNBBTFetZ8SbGsPmkZpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414ef1cb426563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26064&sent=46&recv=32&lost=0&retrans=0&sent_bytes=35056&recv_bytes=8122&delivery_rate=10110&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=899&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:55 GMT
vary
Accept-Encoding
server
cloudflare
/
mvgde.thi-tl-310-a.buzz/a1/ 		11 KB
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Requested by
Host: cdnstatic.thi-tl-310-a.buzz
URL: https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f96ce7def8198449e0ab0efaeafc50b1819a882aff92f80b1fb87fa280d0b5d

Request headers

Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e414efc3a596563-AMS
content-encoding
zstd
content-type
text/html
date
Sun, 17 Nov 2024 17:05:57 GMT
last-modified
Sun, 17 Nov 2024 02:36:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Az2VLgo%2FPlmvyqVEkdnH3mv8KVCewCUYlUZ%2B74ptXBM65eIYekfIRJ%2F3Ea40EoT5CTsiOjqJGgWClQsXtC%2F5ryHcopDyiYKRj2wTa2JyTsHIAwHc3kTV%2FrE65vjtBLfri1fU9Le0g7rFkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28000&sent=49&recv=35&lost=0&retrans=0&sent_bytes=36713&recv_bytes=8821&delivery_rate=40378&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=2572&x=1" cfHdrFlush;dur=0
vary
accept-encoding
t.js
mvgde.thi-tl-310-a.buzz/a1/assets/ 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/a1/assets/t.js
Requested by
Host: mvgde.thi-tl-310-a.buzz
URL: https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"673956aa-1e6a"
age
627
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vi2RnKwoRTiO7a7cECPDQw9u6yE0ZsTFncY4mdGtTGvrQr2JYmLTzW0teZkyQXZo9KJod9uKFp6IL1hk5Rch5gTGwNxCdWu%2BmTrfNi9hYkfR389SAKQLIhnctLBt9%2FlNy4%2B6pY81VIybkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414eedce1f6563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27748&sent=24&recv=17&lost=0&retrans=0&sent_bytes=16016&recv_bytes=5989&delivery_rate=120173&cwnd=12000&unsent_bytes=0&cid=2f3901677d4598e6&ts=258&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:54 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 02:36:26 GMT
vary
Accept-Encoding
server
cloudflare
style.css
mvgde.thi-tl-310-a.buzz/a1/assets/ 		595 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/a1/assets/style.css
Requested by
Host: mvgde.thi-tl-310-a.buzz
URL: https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e992932bc74e41cb59108c3700c7bd98f941c475ac2a19d2c0b48964551901f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"673956aa-253"
age
627
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNzPPZbETlthjtFBLr7eX2y9gFNulM2Hm8L%2B0PP%2FFM55OwsIVrNmK9WqCnmwDkS%2B0AyrsHbr0PGBLbt1v9qZPUMu%2FXYJKwFvf5%2BSdtcKGCdM%2BKl7yGAclBLibT5SpTtGw0qnRJ8TWeRzWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414eedce206563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27748&sent=23&recv=17&lost=0&retrans=0&sent_bytes=15032&recv_bytes=5989&delivery_rate=120173&cwnd=12000&unsent_bytes=0&cid=2f3901677d4598e6&ts=255&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:54 GMT
content-type
text/css
last-modified
Sun, 17 Nov 2024 02:36:26 GMT
vary
Accept-Encoding
server
cloudflare
static-pl.js
mvgde.thi-tl-310-a.buzz/shared-js/assets/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/shared-js/assets/static-pl.js?v=5
Requested by
Host: mvgde.thi-tl-310-a.buzz
URL: https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7388e3f47b4385a2f508fba43e6988e40554d6a72b44d249ce6756ad17a23825

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"673956aa-ec8"
age
1764
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptw%2B3%2FyoBhedC0gA4GPnAEzmv0GPZtJYJvGfAE%2BsMEo49uzW2pmq2cyaEyIRdzXjkaa4ZPgCNjeE8ZwrDKZkPoU1ffHI9ZPIVGfvb%2BFpt6VJA7IJUbFIDFkjZ5mq3w6EKwqJi%2FOyTbil%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414eedce226563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27748&sent=21&recv=17&lost=0&retrans=0&sent_bytes=12952&recv_bytes=5989&delivery_rate=120173&cwnd=12000&unsent_bytes=0&cid=2f3901677d4598e6&ts=254&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:54 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 02:36:26 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
ps.js
cdnstatic.thi-tl-310-a.buzz/ps/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Requested by
Host: mvgde.thi-tl-310-a.buzz
URL: https://mvgde.thi-tl-310-a.buzz/shared-js/assets/static-pl.js?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01307df946a3c0f73b62211e21ddc69d8494a01813723c3da2faa1fb484c915d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lumMPCR8diWGwv9aHAfEOxh0aXuHz2HCHUL8MHsQ%2Bi57DdR8qI6%2FcyBkBqUEUQKsvLVWvQaEQLhdNlgQcUniF4aWO6itV121s2AImFJH6A0HtxEuxM9IXdZt58Du9T2VI0NgpGLeJqjqX0VUnc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414efcbb336563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28804&sent=51&recv=37&lost=0&retrans=0&sent_bytes=37357&recv_bytes=9328&delivery_rate=7378&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=2668&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:57 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
config.js
cdnstatic.thi-tl-310-a.buzz/ps/ 		364 B
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnstatic.thi-tl-310-a.buzz/ps/config.js?id=wyqwIiui3U-oMKNOfTV6Dg
Requested by
Host: cdnstatic.thi-tl-310-a.buzz
URL: https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ek5HuNd378ssQnD0dejIbyevw%2FDr50Hn92I49k9v%2BvDsuGguaFRzDG9p6MMU9LhWgHo6T4GjddqJRIobaqZDqTUCGGpswLh51zX86c3%2F3Mnut7%2F5Bv9OE27RemRwo5MZARWvrrKpJq76eLu1kI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414efd2bf76563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24470&sent=65&recv=43&lost=0&retrans=0&sent_bytes=52138&recv_bytes=9880&delivery_rate=259332&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=2727&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:57 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/ 		28 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.thi-tl-310-a.buzz
URL: https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/

Response headers

content-encoding
gzip
age
308718
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 03:20:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:20:37 GMT
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
9308
x-xss-protection
0
server
sffe
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/ 		37 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: cdnstatic.thi-tl-310-a.buzz
URL: https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f99.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/

Response headers

content-encoding
gzip
age
290104
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 08:30:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 08:30:51 GMT
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
9934
x-xss-protection
0
server
sffe
favicon.ico
mvgde.thi-tl-310-a.buzz/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://mvgde.thi-tl-310-a.buzz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mvgde.thi-tl-310-a.buzz/a1/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&nrid=37b33475cb1946d59c7d650ca0b0ba1a&hash=pASXLX9J93mlJ-EEZPVbww&exp=1731863454

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
7183
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DObvf59VU8qvQZiQ40jIR0SFdaIshfcOtFggO80yzssyXvU8Mt67TmwLBVgEYIzXnBlwWHjEZcLY6xvJpPCucBXEXwBV0LDfIXHmjOBEb9vruC9v0L4yu9yh%2F8XNBBTFetZ8SbGsPmkZpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414ef1cb426563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26064&sent=46&recv=32&lost=0&retrans=0&sent_bytes=35056&recv_bytes=8122&delivery_rate=10110&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=899&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:55 GMT
vary
Accept-Encoding
server
cloudflare
tb
cdnstatic.thi-tl-310-a.buzz/ps/ 		259 B
844 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdnstatic.thi-tl-310-a.buzz/ps/tb?id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&sub_id=&click_id=&nrid=70eaccb7fffbc8ef389147f74aa8742d&reason=tb_exit&attempt=1
Requested by
Host: cdnstatic.thi-tl-310-a.buzz
URL: https://cdnstatic.thi-tl-310-a.buzz/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=er1&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.thi-tl-310-a.buzz&timeout=1800&tb=true&nrid=37b33475cb1946d59c7d650ca0b0ba1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://mvgde.thi-tl-310-a.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e414efded3a6563-AMS
content-encoding
zstd
content-type
text/html
date
Sun, 17 Nov 2024 17:05:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53KRZsBEQ7SkUfkfJ1Dn%2F9DAdavluT2dQIwo%2B07kIW0pZszIqj7WX%2BZYkfPXIu1EhmTcMS8UNo4vhmLtTE20uBZyslJpPx9m7Q7G8PxqcytbArYF5ffUu6J2vIa5hULe5BRfwZK9b1ohbBTVccw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23833&sent=67&recv=45&lost=0&retrans=0&sent_bytes=53119&recv_bytes=10451&delivery_rate=12932&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=2858&x=1" cfHdrFlush;dur=0
vary
accept-encoding
/
bet8323.com/ 		49 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bet8323.com/?u=pe7k605&o=3u0gcu2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8e414eff0d4ca002-AMS
content-encoding
zstd
content-type
text/html
date
Sun, 17 Nov 2024 17:05:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIlDYmfyoG2pQrJQq70kszQlYsInomZNGhv4UCVAITeSNvnVvDAwlDUhoDILP42xtORwmRUaOJWiiQW%2FShg8ewRjW6ZBL1Lg%2FGKXKfoZlr8BURoSQ5ewyMtWu2uZAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=16997&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4490&delivery_rate=621&cwnd=12000&unsent_bytes=0&cid=a8bb11b5d150e6b3&ts=102&x=1" cfExtPri cfHdrFlush;dur=0
favicon.ico
cdnstatic.thi-tl-310-a.buzz/ 		0
590 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdnstatic.thi-tl-310-a.buzz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
3659
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GE8N27X3REeuLO8ABvYfaRVPL2kL2Yvhh8PyRMBCk6Wd58aiSNJkEBlxROim9bD6y%2FCa%2F6PpZPC%2Fq8LvO8U87jMPoQilLeVkU7FdXlDa4n1fG7sJTL8eTlrmDFer320MfAugrdiEHuqbI%2FKyqsA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414efebe8d6563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23185&sent=70&recv=47&lost=0&retrans=0&sent_bytes=54034&recv_bytes=10860&delivery_rate=15321&cwnd=24000&unsent_bytes=0&cid=2f3901677d4598e6&ts=2965&x=1", cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:57 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
bet8323.com/ 		0
604 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bet8323.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bet8323.com/?u=pe7k605&o=3u0gcu2

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
2931
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6bH6jjbYgo1Rq2IUsYQOhVUHN8Gly3BaomaEWQEQ9G84eUjo0uY7a%2FBq%2FUrWgGCytFU3pSUuLMdQPNVrn3l2AnR4WnGiiK4BTjpZYJYVPHl6bbMTxEhveStyoVc0g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e414f004f6ca002-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16432&sent=29&recv=19&lost=0&retrans=0&sent_bytes=20963&recv_bytes=5258&delivery_rate=151916&cwnd=12000&unsent_bytes=0&cid=a8bb11b5d150e6b3&ts=255&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 17:05:57 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
Primary Request /
e5a5dc93.braraildye.live/feismcgw/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e5a5dc93.braraildye.live/feismcgw/?u=pe7k605&o=3u0gcu2&f=1&sid=t2~zjlwpx3rffyhs45hrl3seq3b&fp=w6N7Sc9ZZC0tvfTYtyk7gw%3D%3D
Requested by
Host: bet8323.com
URL: https://bet8323.com/?u=pe7k605&o=3u0gcu2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
3.76.71.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-71-197.eu-central-1.compute.amazonaws.com
Software
openresty /
Resource Hash
3e600691cb5eb1d3223ded3c9a45c889c4c66fc84a9437f5034f28a790297394

Request headers

Referer
https://bet8323.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
1627
Content-Type
text/html
Date
Sun, 17 Nov 2024 17:05:58 GMT
Server
openresty
cache-control
private
details
play.google.com/store/apps/
Redirect Chain
  • https://e5a5dc93.braraildye.live/web/?sid=t2~zjlwpx3rffyhs45hrl3seq3b
  • https://play.google.com/store/apps/details?id=com.ss.android.ugc.trill
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.google.com
URL
https://play.google.com/store/apps/details?id=com.ss.android.ugc.trill

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| requestLink object| geoInfo string| ip string| devInfo function| takeC string| redirectUrl object| e

17 Cookies

Domain/Path Name / Value
bt3.itotf.net/ Name: antibot_uid
Value: cb19d2fcb64d3edc38f0d62a9b967e1f
bt3.itotf.net/ Name: antibot_country
Value: NL
bt3.itotf.net/ Name: antibot_lang
Value: nl
bt3.itotf.net/ Name: antibot_ptr
Value: hostedby.i3d.net
bt3.itotf.net/ Name: antibot_2fd228af0508b3e91d5ea243c7db5d31
Value: d7577e88850c43b92d48b8f3ebf35194
.yadro.ru/ Name: FTID
Value: 1dEY9o3_1uev1dEY9o003Qhk
bt3.itotf.net/ Name: antibot_referer
Value: https%3A%2F%2Fbt3.itotf.net%2F
bt3.itotf.net/ Name: antibot_hits
Value: 2
bt3.itotf.net/ Name: antibot_unique_20241117
Value: 1
.yadro.ru/ Name: VID
Value: 29T8Cf13Wuev1dEY9o003Qiv
mvgde.polluxcastor.top/ Name: wyqwIiui3U-oMKNOfTV6Dg
Value: 5
mvgde.polluxcastor.top/ Name: __pl
Value: ad7d3c33-8ade-46ac-a10d-e41542227b9d
mvgde.polluxcastor.top/ Name: __cap
Value: 1
cdnstatic.thi-tl-310-a.buzz/ Name: __psu
Value: e4de00f4-2cd7-471c-bd8f-b519076ec33f
bet8323.com/ Name: sid
Value: t2~zjlwpx3rffyhs45hrl3seq3b
bet8323.com/ Name: p1
Value: https://braraildye.live/feismcgw/
bet8323.com/ Name: s1
Value: xmr0k0amfz0ukh3l