drivethruzoo.biz Open in urlscan Pro
2607:ff18:80::693b  Public Scan

24 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response drivethruzoo.biz/	11 KB 3 KB	2026ms 1909ms	Document text/html	2607:ff18:80::693b GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://drivethruzoo.biz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2607:ff18:80::693b , United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS Software Apache / Resource Hash 2b87a613ff271f1f45603ea29d4c528d0a3ec92b77c6c2e35c8065f89b9959db Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html; charset=utf-8 date Thu, 28 Mar 2024 10:42:12 GMT server Apache vary Accept-Encoding via e7s
GET H2	200	css2 fonts.googleapis.com/	3 KB 2 KB	132ms 48ms	Stylesheet text/css	2607:f8b0:4006:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Anta&display=swap Requested by Host: drivethruzoo.biz URL: https://drivethruzoo.biz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32d337edb1651dc8cbd1306654cc7a33172e64f7e714f9a7f93fdeb9dcbeff8d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://drivethruzoo.biz/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 28 Mar 2024 10:42:14 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 28 Mar 2024 10:42:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 28 Mar 2024 10:42:14 GMT
GET H2	404	block_monky.jpg drivethruzoo.biz/	1 KB 1 KB	32ms 31ms	Image text/html	2607:ff18:80::693b GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://drivethruzoo.biz/block_monky.jpg Requested by Host: drivethruzoo.biz URL: https://drivethruzoo.biz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2607:ff18:80::693b , United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS Software Apache / Resource Hash 3c75919a0d01053ef2df40eb3667dd5e71ede612fd1b7f65ec6111c75db9118c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://drivethruzoo.biz/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 28 Mar 2024 10:42:13 GMT via e7s server Apache accept-ranges bytes content-type text/html; charset=UTF-8
GET H2	200	telegram-widget.js Show response telegram.org/js/	20 KB 6 KB	297ms 93ms	Script application/javascript	2001:67c:4e8:f004::9 TELEGRAM
General Check archive.org Show headers Download Go to Full URL https://telegram.org/js/telegram-widget.js?15 Requested by Host: drivethruzoo.biz URL: https://drivethruzoo.biz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash 0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://drivethruzoo.biz/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 28 Mar 2024 10:42:14 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Mon, 03 Apr 2023 11:46:12 GMT server nginx/1.18.0 etag W/"642abc84-4ff5" content-type application/javascript cache-control max-age=345600 expires Mon, 01 Apr 2024 10:42:14 GMT
GET H2	200	PIA21983JupiterLundh.jpg drivethruzoo.biz/	375 KB 376 KB	30ms 29ms	Image image/jpeg	2607:ff18:80::693b GRIDFURY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://drivethruzoo.biz/PIA21983JupiterLundh.jpg Requested by Host: drivethruzoo.biz URL: https://drivethruzoo.biz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2607:ff18:80::693b , United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS Software Apache / Resource Hash 8898ff83d45692175ee8a4d3b522aa6abd158dfbe04a158cf4bfc6eefc317049 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://drivethruzoo.biz/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 28 Mar 2024 10:42:14 GMT via e7s last-modified Thu, 28 Mar 2024 01:59:41 GMT server Apache etag "5dc50-614aee0581d40" content-type image/jpeg accept-ranges bytes content-length 384080
GET H2	200	gyBzhwQ3KsIyVFs7PQ.woff2 fonts.gstatic.com/s/anta/v1/	15 KB 16 KB	92ms 27ms	Font font/woff2	2607:f8b0:4006:816::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/anta/v1/gyBzhwQ3KsIyVFs7PQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Anta&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f9ade076fedfdbe84bf33b952c796e8dd8144b85e3a79f9f5cfa128ac2fc06cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://drivethruzoo.biz accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 27 Mar 2024 23:29:47 GMT x-content-type-options nosniff age 40347 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15364 x-xss-protection 0 last-modified Wed, 14 Feb 2024 22:51:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 27 Mar 2025 23:29:47 GMT
GET H2	200	231 t.me/nasapictures/ Frame 1D0D	0 0	440ms 240ms	Document text/html	2001:67c:4e8:f004::9 TELEGRAM
General Check archive.org Show headers Download Go to Full URL https://t.me/nasapictures/231?embed=1&userpic=true&color=CA9C0E&dark=&dark_color=F0B138 Requested by Host: telegram.org URL: https://telegram.org/js/telegram-widget.js?15 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG), Reverse DNS Software nginx/1.18.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=35768000 Request headers Referer https://drivethruzoo.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store content-encoding gzip content-length 4601 content-type text/html; charset=utf-8 date Thu, 28 Mar 2024 10:42:14 GMT pragma no-cache server nginx/1.18.0 strict-transport-security max-age=35768000
GET H2	404	Libertyonus.png drivethruzoo.biz/	1 KB 1 KB	27ms 26ms	Other text/html	2607:ff18:80::693b GRIDFURY-AS
General Check archive.org Show headers Download Go to Full URL https://drivethruzoo.biz/Libertyonus.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2607:ff18:80::693b , United States, ASN40630 (GRIDFURY-AS, US), Reverse DNS Software Apache / Resource Hash 3c75919a0d01053ef2df40eb3667dd5e71ede612fd1b7f65ec6111c75db9118c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://drivethruzoo.biz/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 28 Mar 2024 10:42:16 GMT via e7s server Apache accept-ranges bytes content-type text/html; charset=UTF-8

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal function| __parseFunction object| Telegram

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			t.me/	1970-01-20 19:28:28	Name: stel_ssid Value: 685375e1e6fe1df0b7_14956023642427720716
			t.me/	1970-01-21 04:17:40	Name: stel_on Value: 1
			t.me/	1970-01-21 04:12:38	Name: stel_dt Value: 0

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://drivethruzoo.biz/block_monky.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://drivethruzoo.biz/Libertyonus.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://drivethruzoo.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

drivethruzoo.biz
fonts.googleapis.com
fonts.gstatic.com
t.me
telegram.org
2001:67c:4e8:f004::9
2607:f8b0:4006:816::2003
2607:f8b0:4006:820::200a
2607:ff18:80::693b
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
2b87a613ff271f1f45603ea29d4c528d0a3ec92b77c6c2e35c8065f89b9959db
32d337edb1651dc8cbd1306654cc7a33172e64f7e714f9a7f93fdeb9dcbeff8d
3c75919a0d01053ef2df40eb3667dd5e71ede612fd1b7f65ec6111c75db9118c
8898ff83d45692175ee8a4d3b522aa6abd158dfbe04a158cf4bfc6eefc317049
f9ade076fedfdbe84bf33b952c796e8dd8144b85e3a79f9f5cfa128ac2fc06cc