xr.dtvi.club Open in urlscan Pro
2606:4700:3033::ac43:93ae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.trafyield.com/jump/next.php?r=2204499&sub1=154444_
Effective URL:
http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834
Submission Tags: falconsandbox
Submission: On May 25 via api (May 25th 2021, 10:12:19 pm UTC) from US

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::ac43:93ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is xr.dtvi.club.

This is the only time xr.dtvi.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 3	35.201.127.73 35.201.127.73		15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3032::ac43:de81		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2606:4700:303... 2606:4700:3033::ac43:93ae		13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3

3 35.201.127.73 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 73.127.201.35.bc.googleusercontent.com

www.trafyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:de81 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.abevc.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3033::ac43:93ae (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xr.dtvi.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	dtvi.club 1 redirects xr.dtvi.club	213 KB
3	trafyield.com 2 redirects www.trafyield.com	4 KB
1	abevc.club 1 redirects www.abevc.club	946 B
14	3

	Domain	Requested by
14	xr.dtvi.club	1 redirects www.trafyield.com xr.dtvi.club
3	www.trafyield.com	2 redirects
1	www.abevc.club	1 redirects
14	3

This site contains links to these domains. Also see Links.

Domain
www.zingload.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834
Frame ID: 0E98B4E1830714170F9B5B448FF9F44F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.trafyield.com/jump/next.php?r=2204499&sub1=154444_ Page URL
http://www.trafyield.com/jump/next.php?stamat=m%7C%2CQo3O2difrB1dQO0dEdHP3xP.0ae%2CS0kXXHXf2ck-DOZ9HR... HTTP 302
http://www.trafyield.com/script/i.php?stamat=m%7C%2C%2CAhJWYjdXoGU3Bf9GH0dEdHP3xP.ca9%2CyYH-2FI1fF-af... HTTP 302
http://www.abevc.club/?s=1372512-1801477522-1554205996&cid=16219807201509507275066252891148834 HTTP 302
http://xr.dtvi.club/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=1621980720150950727... HTTP 302
http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

14
Requests

0 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

215 kB
Transfer

555 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zingload.com/indices/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.zingload.com/indices/terms
Title: EULA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.trafyield.com/jump/next.php?r=2204499&sub1=154444_ Page URL
http://www.trafyield.com/jump/next.php?stamat=m%7C%2CQo3O2difrB1dQO0dEdHP3xP.0ae%2CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM_p8jWvycEpIvm2bEcw3H6wGCb6XbVOSqtijme44_fS8A%2C%2C&cbrandom=0.344956357276442&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
http://www.trafyield.com/script/i.php?stamat=m%7C%2C%2CAhJWYjdXoGU3Bf9GH0dEdHP3xP.ca9%2CyYH-2FI1fF-afkjM2T4G9clcjjh__dHOjINUGkyedXePUdQw4tDjdxc6ObXQ-wNyyGmNOf-f8KT7O8HNc91gv5Uz0P2pXSKhquK4Abz1SqkQRNu0uCjQONkOMMe0XnEgxDEdrWxqWC-XNExbqKCG9ueVK5_PD_gkBCWQI_oU_Mz_irWM1eMQvZg5AsCqBDKUN0b1OFCoUo_tiiIvyTa3BL7NLhchzOo73EHXNov8nB5PQ9pufC7-4LvsX4ngG1aomU9Z9qOE3KHSLDiHpmmeyYDaN2DHmcraNdcnrDXL_3YWBW7qeISoTlerlpgaZF93e_OLmjFXMTdhvNIz8Cow1b-SlrPzA93FiekaMzNAeK9Bi7V3BSCp3R1INB75Q_a3FF1bfhHatUBj_hXiYorfkHgIo3nJxJw4D7piAbh9zcuy5nQc20SRl4YjBFXPgAcl HTTP 302
http://www.abevc.club/?s=1372512-1801477522-1554205996&cid=16219807201509507275066252891148834 HTTP 302
http://xr.dtvi.club/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=16219807201509507275066252891148834 HTTP 302
http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	next.php Show response www.trafyield.com/jump/	7 KB 3 KB	151ms 128ms	Document text/html	35.201.127.73 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.trafyield.com/jump/next.php?r=2204499&sub1=154444_ Protocol HTTP/1.1 Server 35.201.127.73 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 73.127.201.35.bc.googleusercontent.com Software openresty / Resource Hash `6937a5999b9a8e6cc51c6ed509ddb9409d26cdac29ceade369162cf49948bda9` Request headers Host www.trafyield.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server openresty Date Tue, 25 May 2021 22:12:00 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 google
GET H/1.1	200 OK	Primary Request Cookie set / Show response xr.dtvi.club/ins/ Redirect Chain http://www.trafyield.com/jump/next.php?stamat=m%7C%2CQo3O2difrB1dQO0dEdHP3xP.0ae%2CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM_p8jWvycEpIvm2bEcw3H6wGCb6XbVOSqtijme44_fS8A%2C%2C&cbrandom=0.3449563572... http://www.trafyield.com/script/i.php?stamat=m%7C%2C%2CAhJWYjdXoGU3Bf9GH0dEdHP3xP.ca9%2CyYH-2FI1fF-afkjM2T4G9clcjjh__dHOjINUGkyedXePUdQw4tDjdxc6ObXQ-wNyyGmNOf-f8KT7O8HNc91gv5Uz0P2pXSKhquK4Abz1SqkQR... http://www.abevc.club/?s=1372512-1801477522-1554205996&cid=16219807201509507275066252891148834 http://xr.dtvi.club/verify.php?xx=100139&s=1372512-1801477522-1554205996&cid=16219807201509507275066252891148834 http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834	32 KB 9 KB	203ms 202ms	Document text/html	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Requested by Host: www.trafyield.com URL: http://www.trafyield.com/jump/next.php?r=2204499&sub1=154444_ Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.5.21 Resource Hash `0a550b73dc1dbe4289e9d0fcf5cf52ce53027363b52764fb906bf3cf871249fd` Request headers Host xr.dtvi.club Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; isjp=169058; taskid=100139 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://www.trafyield.com/jump/next.php?r=2204499&sub1=154444_ Response headers Date Tue, 25 May 2021 22:12:01 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.5.21 Set-Cookie isjp=234; expires=Tue, 25-May-2021 22:12:00 GMT; Max-Age=-1; path=/; domain=dtvi.club Vary Accept-Encoding CF-Cache-Status DYNAMIC set-cookie taskid=100139; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=dtvi.club subid=adsch1; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=xr.dtvi.club uid=u2198072160ad76317f653211888421; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=xr.dtvi.club ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=xr.dtvi.club p=100039; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=xr.dtvi.club rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=dtvi.club vs=xr.dtvi.club; expires=Tue, 25-May-2021 23:12:01 GMT; Max-Age=3600; path=/; domain=xr.dtvi.club cf-request-id 0a472ec9370000060954000000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DzSoP23Y1iN2yjcho3QQEC1wb2A720mYNzq7qo94vl2E5INrvPtbO1L8wRcRddR9y2LlIIL5jv2mTwkwNLmKLt0V2heG%2BIxO4bRkCrzO2VxWq%2Bw%2FhOscBnz4Gr97xthKLS2VT2Wb"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 65521a552d2d0609-FRA Content-Encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers Date Tue, 25 May 2021 22:12:01 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.5.21 Set-Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=xr.dtvi.club location http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834# CF-Cache-Status DYNAMIC set-cookie storeid=geockhihjobemkikonkmbfjgnapekikd; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=dtvi.club refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=dtvi.club isjp=169058; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=dtvi.club taskid=100139; expires=Wed, 18-May-2033 03:33:20 GMT; Max-Age=378019279; path=/; domain=dtvi.club cf-request-id 0a472ec86d00000609a3bb5000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YdAR%2BpD05IY0DoJyxg%2B9NFpuFB7b%2BeP5SyuIq%2Bcok2QNUoAydjTad3%2B8XmGLAjamp4tcvB4O6Bt0MndG1xbPVQTpZ7RgxYYICEHjVvJGFT6fGX4HOHSXfESXqC%2B8%2FxCFvWUh8Yu3"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 65521a53eb340609-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	css.css xr.dtvi.club/templates/flashsd/css/	7 KB 1 KB	15ms 14ms	Stylesheet text/css	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xr.dtvi.club/templates/flashsd/css/css.css Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0a0619f7c978dc3e78e4774f56444184455d05868ce9950cda38d85299e01796` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/css,/;q=0.1 Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a472eca090000060994307000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag W/"609617da-1c80" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pUSJeWVVDRynuaXhJRgSwyzT0QcZP2gTb2Rtyf0vluuy4OgVmBW36jyFGS4Gmr1fWnaBkfV%2FOHkMYRrwKwDiheAe5J2UzlYzjk0erWyp%2BYbu58Rch06nq%2FxlN5uKcyg08seCSiXL"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 CF-RAY 65521a567f5b0609-FRA
GET H/1.1	200 OK	jquery-1.12.4.min.js Show response xr.dtvi.club/templates/flashsd/js/	95 KB 34 KB	23ms 18ms	Script application/javascript	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xr.dtvi.club/templates/flashsd/js/jquery-1.12.4.min.js Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3` Request headers Pragma no-cache Origin http://xr.dtvi.club Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept / Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Origin http://xr.dtvi.club Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a472eca0e00004e0828101000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag W/"609617da-17b8e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oXu7A4jnr%2BxGjmxVT7H%2B%2BtrGasq9ZoeZOt%2B7mcOxulzPcY7O6sfmYJrOcQPKHxTbTTW0UgElzxkMM0x49ftqeKvzBPH1RHhuFZcmtSNUM5W5QxmBv39gHOXgddQWYYm3XBHqeit2"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=14400 CF-RAY 65521a567ef24e08-FRA
GET H/1.1	200 OK	jquery-ui.js Show response xr.dtvi.club/templates/flashsd/js/	329 KB 79 KB	31ms 25ms	Script application/javascript	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xr.dtvi.club/templates/flashsd/js/jquery-ui.js Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept / Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a472eca0e00004e0efc09d000000001 last-modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare etag W/"609617da-52380" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Xtnlxn0z41GSA%2Fcn3f45IRuPBjsLjkeP6bUaBone3Ve81uqRkVUoOusXCMT4Er%2BwnuOqoHPk3EzKm6Y%2F91rI67i81VWjoIKCFwAZfOvWpzXjIRYxKfaITXQMvN1hj8CsAdesyVgA"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=14400 CF-RAY 65521a5679fb4e0e-FRA
GET H/1.1	200 OK	js.cookie.min.js Show response xr.dtvi.club/templates/flashsd/js/	2 KB 2 KB	12ms 12ms	Script application/javascript	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xr.dtvi.club/templates/flashsd/js/js.cookie.min.js Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3138064ce6d74b3a5fa2aed4f07ea29b2039cb745e94911d829cc6e5ef7fe531` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept / Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a472eca2500004e08d72a0000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag W/"609617da-6d8" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t6S8FgO%2B5PzQKOE1bjlMK7lLPUNKq9bBQmdxnFv15DZWGurRN%2FpH6zaFz1goTuCg5IIJiEsqtgqe7d%2BrvI0lFjeIp%2FvtP45RTsASkPQI9U8zUHEzQ%2FeVQQTUjyoTGRX1PWQEqYrY"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=14400 CF-RAY 65521a56af254e08-FRA
GET H/1.1	200 OK	main.min.js Show response xr.dtvi.club/templates/flashsd/js/	3 KB 2 KB	18ms 17ms	Script application/javascript	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xr.dtvi.club/templates/flashsd/js/main.min.js Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `19460d606fd119668b99fc0755f899c81b551404ff26d3549fde6d1e5633013e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept / Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a472eca3700004e081d1a8000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag W/"609617da-c5c" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4Kd9c3oadEn8mjherm3AfWBciU9DtPHLep9oPeFo6AitlbSYHDYQM3RNdzfougqZRzMYFgOd1dvDPpDLZEIlOMtRwlaU%2FCLlrK%2BNV6g3kPUIIGzpztMutaNiHJmc53bOF7RsPLT3"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript; charset=utf-8 Cache-Control max-age=14400 CF-RAY 65521a56bf454e08-FRA
GET H/1.1	200 OK	modernArrow5.png xr.dtvi.club/templates/flashsd/img/	2 KB 3 KB	15ms 14ms	Image image/png	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://xr.dtvi.club/templates/flashsd/img/modernArrow5.png Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 2155 cf-request-id 0a472eca3900004e0ece951000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag "609617da-86b" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TgvuPgNPm8CYtIsXCe4MuQE7bdlq2ZZhLuOtqLi1hUnJU57pU1AN5PlGr7%2BMW0S%2BLdu2%2FbP5%2FBcp1MbsuG07cZ9mceLiy%2FwANszWWGOd0vUwpECvx0GU5FvVbSObk1GXF7b%2Fexo4"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 65521a56ca714e0e-FRA
GET H/1.1	200 OK	iconNotify.png xr.dtvi.club/templates/flashsd/img/	1 KB 2 KB	18ms 17ms	Image image/png	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://xr.dtvi.club/templates/flashsd/img/iconNotify.png Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1384 cf-request-id 0a472eca4a00004e0ecf1e4000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag "609617da-568" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ym6CL8mG%2BvE%2BQLRoVUWfbQYn9A8utXoJ6dyYJFEpNbk3woJ2T%2BhoFARHC%2Bze3cQL1jtDdSZ1glW1rvan9js06Tesx33mlaAF%2Fmd6pIsdblBjKO5vTr0W3VLcX6cDbP%2BizpzVqNGi"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 65521a56daa54e0e-FRA
GET H/1.1	200 OK	fav.png xr.dtvi.club/templates/flashsd/img/	3 KB 4 KB	12ms 12ms	Image image/png	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://xr.dtvi.club/templates/flashsd/img/fav.png Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 2920 cf-request-id 0a472eca4a00004e081a048000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag "609617da-b68" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hRlUxyiBUKUul2sIi8yC8EF7EeyyuNRmoc0NxHj0WFhvXV7MZm1NZg%2Bhrpie2IikzUY168LIrslhfofGrHMjQKTp6b%2FcrS7xcBqiUNTY0OGJEC4LZUtiV%2FwxFm2xRK0q8g2qL%2FcQ"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 65521a56df804e08-FRA
GET H/1.1	200 OK	addToChrome.png xr.dtvi.club/templates/flashsd/img/	2 KB 3 KB	54ms 53ms	Image image/png	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://xr.dtvi.club/templates/flashsd/img/addToChrome.png Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 2043 cf-request-id 0a472eca6000000609a3bd2000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag "609617da-7fb" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Cz8AuN8mepiJtTOZNo5NLVdO%2BtulkJVJRVxMbKVzQ252A9K9LjsU58GHUWyAvutCJNB8AyGIdDOn2gHk%2B32sgaiPcxo9%2Fc9jR0Ky1ouCTgPC4m7zzoTQaB%2BIYRIduR9JvdMDYWZX"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 65521a56dff40609-FRA
GET H/1.1	200 OK	cursor2.png xr.dtvi.club/templates/flashsd/img/	26 KB 27 KB	25ms 25ms	Image image/png	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://xr.dtvi.club/templates/flashsd/img/cursor2.png Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 26643 cf-request-id 0a472eca4f00005369ab2e2000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag "609617da-6813" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pNQfigZNm7WqzlmWiMuXtXwdhXRr0rlPSnT3uP8BHDykhpuZr0Uz2%2FXOdgW5K35EjMITzVQKY0UwhzjXStU7c7brOWgaT69xuXW5dpaHChbdP%2FMSVVP945cvvHAWlhJBPFtW%2Bnbq"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 65521a56e8005369-FRA
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0c063e621d5f28526faac2d9aa1db19fc40e65913f1e50ab55b6f9c6c45fc16b` Request headers Referer http://xr.dtvi.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	bg.png xr.dtvi.club/templates/flashsd/img/	29 KB 29 KB	22ms 16ms	Image image/png	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://xr.dtvi.club/templates/flashsd/img/bg.png Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d382a7c2f5a33274b2905b3245a7898d9af395decdb5211f4d8ce950524a2d05` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 22:12:01 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 836 Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 29406 cf-request-id 0a472eca5500004e496a110000000001 Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag "609617da-72de" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jjZbvxrBON6CaJm%2BDe8oIGRo1QbadfwhOADMiMCCt3JVIS30L95crDJCygWb1QNWkX00JeXPVZZ%2B7kTAnsd3rbjMIZHUHEcV10XU%2BXUIwWwKSSZLmF7ipinyk%2FGy7Y6cGE91IMNf"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 65521a56ebf64e49-FRA
GET H/1.1	206 Partial Content	light.mp3 xr.dtvi.club/templates/flashsd/img/	16 KB 17 KB	189ms 188ms	Media audio/mpeg	2606:4700:3033::ac43:93ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xr.dtvi.club/templates/flashsd/img/light.mp3 Requested by Host: xr.dtvi.club URL: http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Protocol HTTP/1.1 Server 2606:4700:3033::ac43:93ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `33c4dbad2053699f8332ce40e0edbba0d72563a981950fd574a8f04450b97a63` Request headers Pragma no-cache Accept-Encoding identity;q=1, ;q=0 Host* xr.dtvi.club Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Accept / Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Cookie vt=6778b44a224f3142aed4dcbe2275108fff568f85b6; storeid=geockhihjobemkikonkmbfjgnapekikd; refurl=http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834; taskid=100139; subid=adsch1; uid=u2198072160ad76317f653211888421; ts=55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g; p=100039; rqp=%7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D; vs=xr.dtvi.club Connection keep-alive Cache-Control no-cache Referer http://xr.dtvi.club/ins/?id=1621980721323&cid=16219807201509507275066252891148834 Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers Date Tue, 25 May 2021 22:12:01 GMT CF-Cache-Status DYNAMIC Last-Modified Sat, 08 May 2021 04:47:22 GMT Server cloudflare ETag "609617da-417a" NEL {"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3RzQiIaOrLW0XYDjrsQgYy3yzlyyoHe4tc3M7rTm94LkPXMPo8HcGuOldc%2FVetK1%2FcK4IxMGB8itMb41148%2BvYwUwlTxWHaxwNJLOANzS1NEcuJzdd6gqvaAsWJVLpztKcHnC%2B9u"}],"group":"cf-nel","max_age":604800} Content-Type audio/mpeg Content-Range bytes 0-16761/16762 Connection keep-alive CF-RAY 65521a570b014e0e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 16762 cf-request-id 0a472eca6500004e0efe02e000000001

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| ver string| info string| hostnameDD function| AddmyTime function| AddmyTime1 boolean| isChrome boolean| cwswindowclosed undefined| oldCWSLeft undefined| oldCWSTop function| openInstall function| openInstall2 function| Yes function| No function| myMove function| myMove1 object| cursor object| canvas object| ctx undefined| cx undefined| cy undefined| x undefined| y object| animationDD function| animateDD object| addTimer object| myVar function| Cookies object| _$_41fc function| getCookie string| refurl number| Py number| px number| py

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dtvi.club/	1970-01-24 03:33:20	Name: rqp Value: %7B%22id%22%3A%221621980721323%22%2C%22cid%22%3A%2216219807201509507275066252891148834%22%7D
			.xr.dtvi.club/	1970-01-24 03:33:20	Name: ts Value: 55c2bb3820bd215253a0044g9q7o5g0tbb7edm1o5g
			.xr.dtvi.club/	1970-01-19 18:33:04	Name: vs Value: xr.dtvi.club
			.xr.dtvi.club/	1970-01-24 03:33:20	Name: subid Value: adsch1
			.xr.dtvi.club/	1970-01-24 03:33:20	Name: p Value: 100039
			.dtvi.club/	1970-01-24 03:33:20	Name: taskid Value: 100139
			.dtvi.club/	1970-01-24 03:33:20	Name: refurl Value: http%3A%2F%2Fxr.dtvi.club%2Fverify.php%3Fxx%3D100139%26s%3D1372512-1801477522-1554205996%26cid%3D16219807201509507275066252891148834
			.xr.dtvi.club/	1970-01-24 03:33:20	Name: uid Value: u2198072160ad76317f653211888421
			.dtvi.club/	1970-01-24 03:33:20	Name: storeid Value: geockhihjobemkikonkmbfjgnapekikd
			.xr.dtvi.club/	1970-01-24 03:33:20	Name: vt Value: 6778b44a224f3142aed4dcbe2275108fff568f85b6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.abevc.club
www.trafyield.com
xr.dtvi.club
2606:4700:3032::ac43:de81
2606:4700:3033::ac43:93ae
35.201.127.73
0a0619f7c978dc3e78e4774f56444184455d05868ce9950cda38d85299e01796
0a550b73dc1dbe4289e9d0fcf5cf52ce53027363b52764fb906bf3cf871249fd
0c063e621d5f28526faac2d9aa1db19fc40e65913f1e50ab55b6f9c6c45fc16b
19460d606fd119668b99fc0755f899c81b551404ff26d3549fde6d1e5633013e
3138064ce6d74b3a5fa2aed4f07ea29b2039cb745e94911d829cc6e5ef7fe531
33c4dbad2053699f8332ce40e0edbba0d72563a981950fd574a8f04450b97a63
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
5bd7f6b63ad65fa954268fecce982051c2a9cc4d45e48d6fd3940c543ca97906
5fc46b8f3182326b32709bfbfa1de2b831aa6ef6508914bbc0a187321c1584b2
6173e85de5ab45ef8a1894ff4b3edccd79add6ef47683aa7ee637750ac0de1ce
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6
6937a5999b9a8e6cc51c6ed509ddb9409d26cdac29ceade369162cf49948bda9
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518
d382a7c2f5a33274b2905b3245a7898d9af395decdb5211f4d8ce950524a2d05
edb2c96a3b9ae8645ec31e00e23c7031aaa99681a8abc1c49de76bdcc702dd61