play.ptdbsviissay.cc
2600:9000:2240:3800:1c:9c58:8240:93a1  Malicious Activity! Public Scan

Submitted URL: https://www.dbsv-trada.vip/
Effective URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_t...
Submission: On August 27 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 54 HTTP transactions. The main IP is 2600:9000:2240:3800:1c:9c58:8240:93a1, located in United States and belongs to AMAZON-02, US. The main domain is play.ptdbsviissay.cc.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 7th 2024. Valid for: a year.
This is the only time play.ptdbsviissay.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
2 5 2606:4700:303... 13335 (CLOUDFLAR...)
32 2600:9000:224... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:440... 13335 (CLOUDFLAR...)
10 2606:4700:440... 13335 (CLOUDFLAR...)
54 6
Apex Domain Subdomains Transfer
32 ptdbsviissay.cc play.ptdbsviissay.cc Failed 175 KB
10 bttzs.com 5954897322-pb0tp3hd.bttzs.com 858 B
7 roibest.com static.roibest.com (Cisco Umbrella Rank: 121081) 411 KB
5 dbsv-trada.vip www.dbsv-trada.vip 8 KB
1 googletagmanager.com www.googletagmanager.com (Cisco Umbrella Rank: 112) 49 KB
54 5
Domain Requested by
32 play.ptdbsviissay.cc play.ptdbsviissay.cc
10 5954897322-pb0tp3hd.bttzs.com play.ptdbsviissay.cc
7 static.roibest.com play.ptdbsviissay.cc
5 www.dbsv-trada.vip 2 redirects www.dbsv-trada.vip
1 www.googletagmanager.com play.ptdbsviissay.cc
54 5

This site contains no links.

Subject Issuer Validity Valid
dbsv-trada.vip WE1 2024-08-01 - 2024-10-30 3 months
play.ptdbsviissay.cc Amazon RSA 2048 M02 2024-08-07 - 2025-09-05 a year
*.google-analytics.com WR2 2024-07-30 - 2024-10-22 3 months
static.roibest.com E6 2024-07-23 - 2024-10-21 3 months
bttzs.com WE1 2024-07-14 - 2024-10-12 3 months

This page contains 2 frames:

Primary Page: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Frame ID: D54B35E9890D8E12E792D96D211532BC
Requests: 49 HTTP requests in this frame

Frame: https://5954897322-pb0tp3hd.bttzs.com/rus/Il?uuid=U2408276262072614300382424&unionid=
Frame ID: 930659C4861864603AE148B24F08E1DE
Requests: 1 HTTP requests in this frame

Page Title

DBSV mTrading Indonesia

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 54
HTTPS: 98 %
IPv6: 100 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 643 kB
Size: 1049 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.dbsv-trada.vip/ Page URL
  2. https://www.dbsv-trada.vip/cdn-cgi/phish-bypass?atok=MV2l.zduJE7qe8.1ELNDtxXjPUvh1CCnhfP7UApcT.Y-1724764536-0.0.1.1-%2F HTTP 301
    https://www.dbsv-trada.vip/ HTTP 302
    https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.dbsv-trada.vip/favicon.ico HTTP 302
  • https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=

54 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
www.dbsv-trada.vip/
4 KB
2 KB
Document
General
Full URL
https://www.dbsv-trada.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:81a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd01b537f50c69e818ba9bf574189181db22a87787ae9a6c220c15a853f4d2a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-ray
8b9c54d30a6bd40d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Aug 2024 13:15:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLCdWSfnkCKWEx28waLLvlQ5OxHd%2Bt9H0bqowL2s329T%2FDmf5Ax%2B4DCum%2FE9HjFpIiyiLqCpx97qkjUbxbtME3LnxQ8aG7xJna32XzzX73LNLyXh8tF0CN2pwYLywNj%2BNnsumodfF3sEDEyADR9XsHQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
www.dbsv-trada.vip/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.dbsv-trada.vip/cdn-cgi/styles/cf.errors.css
Requested by
Host: www.dbsv-trada.vip
URL: https://www.dbsv-trada.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:81a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dbsv-trada.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Aug 2024 12:07:35 GMT
server
cloudflare
etag
W/"66c5d887-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8b9c54d3bc42d40d-FRA
expires
Tue, 27 Aug 2024 15:15:36 GMT
icon-exclamation.png
www.dbsv-trada.vip/cdn-cgi/images/
452 B
541 B
Image
General
Full URL
https://www.dbsv-trada.vip/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: www.dbsv-trada.vip
URL: https://www.dbsv-trada.vip/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:81a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dbsv-trada.vip/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Aug 2024 12:07:35 GMT
server
cloudflare
etag
"66c5d887-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
8b9c54d40d01d40d-FRA
content-length
452
expires
Tue, 27 Aug 2024 15:15:36 GMT
4157267578_main.html
play.ptdbsviissay.cc/4157267578/
Redirect Chain
  • https://www.dbsv-trada.vip/favicon.ico
  • https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
0
0

Primary Request 4157267578_main.html
play.ptdbsviissay.cc/4157267578/
Redirect Chain
  • https://www.dbsv-trada.vip/cdn-cgi/phish-bypass?atok=MV2l.zduJE7qe8.1ELNDtxXjPUvh1CCnhfP7UApcT.Y-1724764536-0.0.1.1-%2F
  • https://www.dbsv-trada.vip/
  • https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
8 KB
3 KB
Document
General
Full URL
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a638d6abaecd5ac05c142bf36e7b6d095589c17cc9ffbd22fae070f687cf5a68

Request headers

Referer
https://www.dbsv-trada.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
19169
content-encoding
gzip
content-type
text/html
date
Tue, 27 Aug 2024 07:56:13 GMT
etag
W/"427981241e604b0b2d393863a1ce9cf6"
last-modified
Wed, 21 Aug 2024 03:36:12 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-id
BFz6FEdxH2uAP9lFvfd-Nn1d1BAVe390NldjPoYNmlGHYRjAQwh00g==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
QtwJaOQew0CE0N838QecRxgznPjuEadE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b9c54eae936d40d-FRA
content-type
text/html
date
Tue, 27 Aug 2024 13:15:41 GMT
location
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3b3bYCd8bFRHo5eF6IzQP3k%2F1hZ9I6PhVH1ldKg6PhpU6UksFBNqYPfmBxMc%2BpHFqTTydVPL7Gfzn2H5RAwtCXQIhmYKe77LDnDm6J6oZlWWTjrvbaPFbZ0oAK11nPp%2FYOtxtr4NPJftVq1lwwCbEs8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
install-5ebdc1bba3721a4ee687.js
play.ptdbsviissay.cc/roibest-assets/js/
98 KB
32 KB
Script
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
692fb4e2580cd922c601533dcfe15c5dd51093f4d4a8bf52077f78d433c590f2

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:56:30 GMT
x-amz-version-id
GxXy2xJ3apfxluX4gYlIqqm5T5P.hsPi
content-encoding
br
last-modified
Tue, 27 Aug 2024 07:56:30 GMT
server
AmazonS3
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"8af65884ed2b97e35abc73a63ac3225d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
19151
x-amz-cf-id
jQ_LxKR7TQLfijFHbvQXO9tjMVkmFTDLI4KrKRvOjUDXL0rQI4iygQ==
install-0220c2efeab3c95e635d.css
play.ptdbsviissay.cc/roibest-assets/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/css/install-0220c2efeab3c95e635d.css
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c27c22381baab6ae9f4f6106084d14513deb3aff9e73debe46e799585e984413

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:56:30 GMT
x-amz-version-id
CSyUlNQAuE0dag15WQzTNLAZK57cXK32
content-encoding
br
last-modified
Tue, 27 Aug 2024 07:56:30 GMT
server
AmazonS3
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"02394abe04c57ffb97d1891214dc2990"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
age
19152
x-amz-cf-id
dxkEfLZmtrycN8p_SRY0Q1HD5MpIGQgHm1PJQWyz_GK8iQ42NvTzuA==
ic_editors_choice-90a4c40deaa30c9e44e2.png
play.ptdbsviissay.cc/roibest-assets/images/
455 B
851 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_editors_choice-90a4c40deaa30c9e44e2.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c4fd5a1098ded56d52c384c882b7e7c19ffa5bdda7fd6e5cf237748b216b5fd

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:11 GMT
x-amz-version-id
6aKbzMMAYt5b9uvUDMZZ5JfxMc9KAevP
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18331
etag
"2210a93393f5a967db03cd8e8a37b3bf"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
455
x-amz-cf-id
laaQMyEzkoQO25cQiytyC29n1P-rqtl_QE3oFFvCDoCJdbnOgTvR0w==
js
www.googletagmanager.com/gtag/
129 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=23134234
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee9702db6bd9b9cb785a537dd47af4a9e40734c69999853409967afabf186f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50112
x-xss-protection
0
last-modified
Tue, 27 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Aug 2024 13:15:41 GMT
locale6-706bde3de9d8fb097dae.js
play.ptdbsviissay.cc/roibest-assets/js/
3 KB
2 KB
Script
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/js/locale6-706bde3de9d8fb097dae.js
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc0ba79246e53f9e368dd9fd490dc0255d6b1d0af31e0bb8e2a9926d99b3b197

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:56:31 GMT
x-amz-version-id
8.Az2ttmWgySUBTABV7Xd4QMdd3jpxU9
content-encoding
br
last-modified
Tue, 27 Aug 2024 07:56:30 GMT
server
AmazonS3
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"6be2c6bc5c7dc2399937153b9a76e5cc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
19151
x-amz-cf-id
F0NDowPp-rDsjvMnXPncqGlsJjTW_x6KF-iRnchqbt1fgcgcyKWDPw==
dns.json
play.ptdbsviissay.cc/4157267578/
52 B
456 B
Fetch
General
Full URL
https://play.ptdbsviissay.cc/4157267578/dns.json
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ca8f1907aae91a0db716a240837d9933bd51121405c04613bf3119657782839

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
CpHI6_RcXcs3SqK5qOoyG2lzyPI_dzzi
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Aug 2024 12:17:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"8aa1573d813ec8bcd3940e3f222a6a83"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
52
x-amz-cf-id
IbLiomZiTfkN0X821_HFZu8n4WUodDPw9WvU1R_vYSY708FQzY2Gag==
GoogleSans-Regular.ttf
static.roibest.com/assets/font/
117 KB
57 KB
Font
General
Full URL
https://static.roibest.com/assets/font/GoogleSans-Regular.ttf
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/css/install-0220c2efeab3c95e635d.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:914c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974ee8402aed7391f8ed35155db12950697bcbbe3ad01abfb81718b65cb1960d

Request headers

Referer
https://play.ptdbsviissay.cc/
Origin
https://play.ptdbsviissay.cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:41 GMT
x-amz-version-id
DsEyrfk1fTvjgZJF0bdN3lws9xk5uSXc
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
age
6606
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 13 May 2024 05:40:17 GMT
server
cloudflare
etag
W/"b5c77a6aed75cdad9489effd0d5ea411"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
font/ttf
access-control-allow-origin
*
vary
Accept-Encoding
cf-ray
8b9c54f18e963663-FRA
x-amz-cf-id
yht-Rde9wdSIX6QfkQJa-6t8a0U8l5mEeTGTT8osDgBJhqKTf4eSMw==
GoogleSans-Medium.ttf
static.roibest.com/assets/font/
116 KB
56 KB
Font
General
Full URL
https://static.roibest.com/assets/font/GoogleSans-Medium.ttf
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/css/install-0220c2efeab3c95e635d.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:914c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cdf0063c8c613033b911b0eb7162aa0a3931b4129ba193163e71dc7d8e16e4b

Request headers

Referer
https://play.ptdbsviissay.cc/
Origin
https://play.ptdbsviissay.cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:41 GMT
x-amz-version-id
W94VkettKnBOisTCOvHN157EV1HFXLA.
via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
age
5867
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 13 May 2024 05:40:17 GMT
server
cloudflare
etag
W/"8d57e4014b18edef070d285746485115"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
font/ttf
access-control-allow-origin
*
vary
Accept-Encoding
cf-ray
8b9c54f18ea03663-FRA
x-amz-cf-id
AY1vy400IbFcZ-3JFObEiu2Azc1l_EvCMXUn1jbygDuL8oEVe28M3w==
set
5954897322-pb0tp3hd.bttzs.com/app/
455 B
355 B
Fetch
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/app/set?project_id=4157267578
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
2ca5689b21ac4f8b882894218086724028514e0c55dc71e703c2c6fe751d5d04
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Aug 2024 13:15:42 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
PHP/8.2.15
x-ip-src-lat
51.29930
x-ip-src-country
DE
x-request-id
79d6b8c9f4f70afbe7c552a0485b478c
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
origin
access-control-allow-credentials
true
x-ip-src-lon
9.49100
cf-ray
8b9c54f51ba0d365-FRA
access-control-allow-headers
*
x-ip-src
2a01:4a0:1338:93::8
set
5954897322-pb0tp3hd.bttzs.com/app/ Frame
0
0
Preflight
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/app/set?project_id=4157267578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://play.ptdbsviissay.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8b9c54f28bdcd365-FRA
date
Tue, 27 Aug 2024 13:15:42 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
origin
x-content-type-options
nosniff
x-ip-src
2a01:4a0:1338:93::8
x-ip-src-country
DE
x-ip-src-lat
51.29930
x-ip-src-lon
9.49100
x-powered-by
PHP/8.2.15
x-request-id
538e0949034926a16144514e247473d0
favicon.png
play.ptdbsviissay.cc/4157267578/roibest/icons/
35 KB
36 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/4157267578/roibest/icons/favicon.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f07c2225331f924e0902240e44830f8a02cd1135511e893e683d336a0ac2c7f

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:56:49 GMT
x-amz-version-id
GrD0mTVRVi1cRMWfXtDb.piJwd_T.p20
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 03:36:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
19133
etag
"aa45d7077e3dcbdd19eb25d7dd5a2a33"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
36080
x-amz-cf-id
UQUCcplEQB5SlmOQ3cnFoUNZHN-jjFEpLx3rN5Qtwz5-1u_OnUM3UQ==
ic_tag-132e314a1fc198d5b943.png
play.ptdbsviissay.cc/roibest-assets/images/
921 B
1 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_tag-132e314a1fc198d5b943.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50c324787d32b5687b17d19a4b6eff7ec62ba4137d0036bf20ce6b91f593628b

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
t1Fb.bNWY7vIq3jHa1a74YlszYq4pkHa
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"011d6e7786814ab3541d9bf9ffee5dbf"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
921
x-amz-cf-id
KQyoke0XVo46jfd7dIME1pD4gpklOynuIioTv529Wu14UZecizoEYw==
ic_dun-175b2705681df4e189f2.png
play.ptdbsviissay.cc/roibest-assets/images/
518 B
916 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_dun-175b2705681df4e189f2.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
851247e401d6728370df8b98f02bdf47e99770326ec69a08a514738eef2a6f9a

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
nVrVJy8jaxxTdcpcxGLJuZRwBavgXmY8
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"55dd096ecb0f855e9545ce5456b0f687"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
518
x-amz-cf-id
j2cuXt-yKzrJ3BVonNCUs9VmALQTFXJdfpBeMGN43hmT3c_YHmqzbA==
ic_x-5cfcc16318512e841386.png
play.ptdbsviissay.cc/roibest-assets/images/
508 B
905 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_x-5cfcc16318512e841386.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbb946f137aebafac40a10739a1859fb20fcb202dc8008229280b87af07f5ffe

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
r8l7WF9Kgq_vjHQaIsBhUxAs4obIJDVG
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"538d135dafe61728edc527b4ad13ce5c"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
508
x-amz-cf-id
gH5_89FOdTU094MnHMLwsMQ4ZUz2XPt3W7JijcPSXbHJlJWhj-DwTQ==
ic_share-348e8e1e95f36c915880.png
play.ptdbsviissay.cc/roibest-assets/images/
740 B
1 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_share-348e8e1e95f36c915880.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d33b8e1c6c1e6859fd0a422ddcfdbee78f60d2b550d5f59851712534e96750b1

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
gGQ2JR74EgN5UW2afofBZFNVLMpTya8G
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"e34167db6a2f39e49126bad32f293663"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
740
x-amz-cf-id
o07iQnia2rrx6Rvq5sE7FUMC6PSiuz6D1U2pbpy6XEOWc6LjVkk5cw==
ic_addwishlist-2a33e12e8e5ed5501dfc.png
play.ptdbsviissay.cc/roibest-assets/images/
515 B
911 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_addwishlist-2a33e12e8e5ed5501dfc.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebd3f890c3d518b5ee93973a858db62a8d1dd1c2241e88d6b56735c183866a1b

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
k0cyMz8FgqDYt02jnoOqeVKoDDN0wHjQ
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"913c1e971e0d167b51552873b130e3b5"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
515
x-amz-cf-id
OlFU5462dg-JrYoLh_eqGFvD_dk0q-8ubeNphvzxHBnGAHEU3jIpmQ==
ic_arrow_right-ecd0952f3569bde7f2bd.png
play.ptdbsviissay.cc/roibest-assets/images/
175 B
572 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_arrow_right-ecd0952f3569bde7f2bd.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1666e27c0c788418cb9bd2e214086b4d4e42fab5198890dedcbf4c0ad8977d4

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
AJ6Ic5cIZQGpg0b3sPqI536zELDiRvrO
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"23d3aec38b3c213120122617a3074ed3"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
175
x-amz-cf-id
fcVlABOPuC4Qq94uyaOJ2tVH9X1jj3qZ1VlRkoQNDKhCl6jCQKhEaw==
ic_data_share-0a04b46579b65b109794.png
play.ptdbsviissay.cc/roibest-assets/images/
718 B
1 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_data_share-0a04b46579b65b109794.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68b8e4c1bc76b859c5ea2e42293846ea476199743a129ea84db82cc9c2ec3dbc

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
D1TRYWx6krseJEYT.mgIih1EzdKe.krH
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"1f18d6d3e1164dd7f15a0d8ee9fca9bd"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
718
x-amz-cf-id
Zzs2X4N700jbeJcbN_XTZHKkR7vP-DYKMtVAIE8x1yIvWQz4PueV5g==
ic_cloud_upload-12904a12c1aa88f2d082.png
play.ptdbsviissay.cc/roibest-assets/images/
784 B
1 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_cloud_upload-12904a12c1aa88f2d082.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99c6a65a82fc4b58e00995480f54f600ca1fee0b4a08d812b973b86c5a3fea25

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
1uaThx5V481puS_GJGtqEFiKpHFDAKi2
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"05167acb9173d089bf160a78fae65969"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
784
x-amz-cf-id
OPTaT1gGIPPHfPCyo3LvY-DTdbQf6KgS44rmytbMxecrZ3BXwdsFIw==
ic_lock-216fc77ae7e0db5800f3.png
play.ptdbsviissay.cc/roibest-assets/images/
672 B
1 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_lock-216fc77ae7e0db5800f3.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20cdca261908700839619b02a3280f4135e952e93caf6679ed71900d16b87841

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
SgFQVBe9AfBKCDZEs6zGvXAphJ95qR_3
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"6d5f7b3c5c255b621cacda26def4becb"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
672
x-amz-cf-id
aZ98MPglsdsZZcmfsTDVsi-jV6eGlI5K7EIoDLl844kFKS6P4rkKmw==
ic_delete-bfa3513105268d92d830.png
play.ptdbsviissay.cc/roibest-assets/images/
451 B
848 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_delete-bfa3513105268d92d830.png
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd8f46dadaba7bf6b6b65339c1046b13b88182d1b2cfe061ad608a93ceb44ae0

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:12 GMT
x-amz-version-id
B5A2X2HfFHVhQgVs52.EzvdNfRvog8YD
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"5709f0ff072a5499e5e30d567c54e4a6"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
451
x-amz-cf-id
uyPjAcd2C_84z6PXt7_q0uwQTrKI6OgJ8jW2iwdpL1tf9_6nGOkSJQ==
favicon.png
play.ptdbsviissay.cc/4157267578/roibest/icons/
35 KB
0
Other
General
Full URL
https://play.ptdbsviissay.cc/4157267578/roibest/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f07c2225331f924e0902240e44830f8a02cd1135511e893e683d336a0ac2c7f

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:56:49 GMT
x-amz-version-id
GrD0mTVRVi1cRMWfXtDb.piJwd_T.p20
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 03:36:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
19133
etag
"aa45d7077e3dcbdd19eb25d7dd5a2a33"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
36080
x-amz-cf-id
UQUCcplEQB5SlmOQ3cnFoUNZHN-jjFEpLx3rN5Qtwz5-1u_OnUM3UQ==
status
5954897322-pb0tp3hd.bttzs.com/share/fission/
46 B
136 B
Fetch
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/share/fission/status
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
f76b80a24415d5c893ff3123f4c06ac777cdf71a7c6123e4af04e2b0ceac33ab
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Aug 2024 13:15:42 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
PHP/8.2.15
x-ip-src-lat
51.29930
x-ip-src-country
DE
x-request-id
6f58c22b0896ed537a470198705be2d2
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
origin
access-control-allow-credentials
true
x-ip-src-lon
9.49100
cf-ray
8b9c54f79ba1d365-FRA
access-control-allow-headers
*
x-ip-src
2a01:4a0:1338:93::8
uuid
5954897322-pb0tp3hd.bttzs.com/create/
71 B
181 B
Fetch
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/create/uuid
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
e474cb31db51150a92ec8e86514a2c18bdf9a4a57122313f8c37f2d3abf1c85b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Aug 2024 13:15:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
PHP/8.2.15
x-ip-src-lat
51.29930
x-ip-src-country
DE
x-request-id
58831d437d3831f16edbb0a17e98dd5f
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
origin
access-control-allow-credentials
true
x-ip-src-lon
9.49100
cf-ray
8b9c54f938c1d365-FRA
access-control-allow-headers
*
x-ip-src
2a01:4a0:1338:93::8
b868edab6ed0f3a2882107cc5ee3bfb566b365545e79a.png
static.roibest.com/oss_upload/202408/07/
31 KB
32 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202408/07/b868edab6ed0f3a2882107cc5ee3bfb566b365545e79a.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:914c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bce84da3e9894f94702c54ab3acea87cf9aa74568bcd50e96927a4ccd8da533

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:42 GMT
x-amz-version-id
CuLrGkFdmiyqhtE5pi9pAd8fZJP4OMTi
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P2
age
5841
x-amz-server-side-encryption
AES256
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=G3ivZKZVC82qqZMMnIs5XZANSVvBqKsL.hXxxPPqnwQ-1724764542-1.0.1.1-Phb21M5LvstoDSSH7s4ravDInWRnBMT7Zp6oYAmdt5zjsFFXQCmdLjnoaPNtyf3ppALNeUBWjqfMm9pMAmoJtDnocYGwAhHFj5j1fAkqHKrWshfRh8Pg3CKt9j6xEB6LX4e8COhC6V_yg47p7HEBJA0ocA3S2fN6Vr8jhXvms6A; report-to cf-csp-endpoint
x-cache
Hit from cloudfront
content-length
31342
last-modified
Wed, 07 Aug 2024 12:15:17 GMT
server
cloudflare
etag
"69e9f6ad34c9e58355f14e80936c7e29"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=G3ivZKZVC82qqZMMnIs5XZANSVvBqKsL.hXxxPPqnwQ-1724764542-1.0.1.1-Phb21M5LvstoDSSH7s4ravDInWRnBMT7Zp6oYAmdt5zjsFFXQCmdLjnoaPNtyf3ppALNeUBWjqfMm9pMAmoJtDnocYGwAhHFj5j1fAkqHKrWshfRh8Pg3CKt9j6xEB6LX4e8COhC6V_yg47p7HEBJA0ocA3S2fN6Vr8jhXvms6A"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8b9c54f6fc4cd2db-FRA
x-amz-cf-id
rE6z9olCFwjm1LlTWtWAkKg4cgZ9m23s0mLyWt1tTFXXoDRH4ic5hQ==
ic_full_star-f625888302981fac22a1.png
play.ptdbsviissay.cc/roibest-assets/images/
503 B
899 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_full_star-f625888302981fac22a1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
170211c416e8853ab980d6ed3a91cca2fdfccb28f095322d232dcad9a6e83bfc

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
r_tv2w6B13QN.yYhgfUzbS0va1mvcias
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"aba69bc47e71b613d95a5b3d048daf14"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
503
x-amz-cf-id
AfIZeQV3bTIj72asFpRMy5SSaYHZl_JTSu7KF3fytZ2Br8aNd601mw==
status
5954897322-pb0tp3hd.bttzs.com/share/fission/ Frame
0
0
Preflight
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/share/fission/status
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://play.ptdbsviissay.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8b9c54f67ffcd365-FRA
date
Tue, 27 Aug 2024 13:15:42 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
origin
x-content-type-options
nosniff
x-ip-src
2a01:4a0:1338:93::8
x-ip-src-country
DE
x-ip-src-lat
51.29930
x-ip-src-lon
9.49100
x-powered-by
PHP/8.2.15
x-request-id
63c77b1ad14e210eed686ec4cdb08654
uuid
5954897322-pb0tp3hd.bttzs.com/create/ Frame
0
0
Preflight
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/create/uuid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://play.ptdbsviissay.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8b9c54f67800d365-FRA
date
Tue, 27 Aug 2024 13:15:42 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
origin
x-content-type-options
nosniff
x-ip-src
2a01:4a0:1338:93::8
x-ip-src-country
DE
x-ip-src-lat
51.29930
x-ip-src-lon
9.49100
x-powered-by
PHP/8.2.15
x-request-id
0b525efcb6b9c08073a24877786e0340
9cd218da54b5d905751f01eca46b688a66b36594bc74e.png
static.roibest.com/oss_upload/202408/07/
90 KB
91 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202408/07/9cd218da54b5d905751f01eca46b688a66b36594bc74e.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:914c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c267d68d6299cc5726736ad400f2ed37ec6be1c30fc460f78bf6f8436f8bc7a5

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:42 GMT
x-amz-version-id
5jwOSYUydosyewlYFI37bs93pipK4Z1p
via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P2
age
5841
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
92329
last-modified
Wed, 07 Aug 2024 12:16:21 GMT
server
cloudflare
etag
"4b8c9a7efb7dbba47850c7e07ef5964d"
vary
Accept-Encoding, Origin
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8b9c54f6fc51d2db-FRA
x-amz-cf-id
fK09qiEfkCVtZYOATu9RxZXB2-PMmWPYTI5hMVvJOHDrjQvDVf2NvA==
87bab852c64ace13d59caaa4fd1b651c66b3659b8a061.png
static.roibest.com/oss_upload/202408/07/
36 KB
37 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202408/07/87bab852c64ace13d59caaa4fd1b651c66b3659b8a061.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:914c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d6f98196471624f5aded148b05a1862c117fbbf3824dae763dde00d8a72993

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:42 GMT
x-amz-version-id
_BDYNidPLQnEkKlkpzaFbl1fedQAJv2D
via
1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P2
age
5841
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
36964
last-modified
Wed, 07 Aug 2024 12:16:28 GMT
server
cloudflare
etag
"dad9cc62a3b912e5bf8d91fe3907f7ea"
vary
Accept-Encoding, Origin
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8b9c54f6fc4ed2db-FRA
x-amz-cf-id
CvJ2KdlySyQY7djiQF7lSKAb02B6piNUivi84oRcgwU6FI8KsweL5w==
354a4bbbfe8fb04533a86cea6abd21bc66b365a29d346.png
static.roibest.com/oss_upload/202408/07/
123 KB
124 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202408/07/354a4bbbfe8fb04533a86cea6abd21bc66b365a29d346.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:914c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61f45e037e0d5d1143a31e3c478f25a4c06ea480251468556d5f51779e896768

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:42 GMT
x-amz-version-id
E29WabEdrzVZzsBxyq6ru5vfWMmz7SBw
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P2
age
5841
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
126161
last-modified
Wed, 07 Aug 2024 12:16:35 GMT
server
cloudflare
etag
"cf5603540982bbba8b39a48b41e76eab"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8b9c54f6fc50d2db-FRA
x-amz-cf-id
stwKsetLvuzv3anzSdzK9S6eZhUPX69yQdHw_71U_Y_R3FOoXi7f-g==
ic_phone-7de36d2d9891b9ea7367.png
play.ptdbsviissay.cc/roibest-assets/images/
257 B
655 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_phone-7de36d2d9891b9ea7367.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f890af30f9b4bdb78b7137827185eac58c6b4260fbb927cc402cb3a36308e72b

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
ykoD1JQjqurvjBXPCmyQvRgeFgHAughr
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"3d598629a3dcdc3db536351760616319"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
257
x-amz-cf-id
KbzJXx3TzyTJWHfrI2tHtPBcFpEFoaAIY6boHQjpe1mdIXFUr8T1zg==
ic_tablet-398a96a32c0c16db8558.png
play.ptdbsviissay.cc/roibest-assets/images/
281 B
676 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_tablet-398a96a32c0c16db8558.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b0f60ea4546aa6b8d2073cacf42d5b58922a50d3e5fb7c6f6a1b15acce7d6fd

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
3UVtcgF0Hikm0Z3poL.bIm0EUJm7tDfs
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"2ba71aed8a74831e338f7d6be7a524d0"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
281
x-amz-cf-id
jX3JjCn0jjcSe3egnUpuOIggIehYcUy30B08EkaE2IZThzoS0qHcZQ==
default_avatar_3.png
static.roibest.com/assets/roibest/images/
14 KB
15 KB
Image
General
Full URL
https://static.roibest.com/assets/roibest/images/default_avatar_3.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:914c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0262200fe10f2f7e73bcc56b2dffa705d2722134854f7a3f62490c5bca876328

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:15:42 GMT
x-amz-version-id
Po9s8aOopbD3aOzy8UwjHlyVG.un6YLS
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14770
last-modified
Mon, 19 Feb 2024 10:09:46 GMT
server
cloudflare
etag
"8104c5ea9d0480ec57803c6d9febc548"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
cf-ray
8b9c54f6fc52d2db-FRA
x-amz-cf-id
DF_0PgQiut0hWIwjuXUMa9xuufXIl4kxwAVjV6n9gzirsKhi3e9Ruw==
ic_more-3b710bfb3928d8397490.png
play.ptdbsviissay.cc/roibest-assets/images/
187 B
583 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_more-3b710bfb3928d8397490.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
564e5a2ae8fc79737d2ad80c713fdaf6f51b2235238dee96b62cfcdaba034e90

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
fPP082HhsAn8mpRDkn3Td6Iqtv0kPkHq
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"fcb1e16e8b32dd41a611ec7e2d889236"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
187
x-amz-cf-id
c3R0PPJwpU8gHhWFhy_u56Sx5Rz2xtZjVcIygozdVBMov0YObNLjEA==
ic_raid_install-c071afe5557f00257f13.png
play.ptdbsviissay.cc/roibest-assets/images/
3 KB
3 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_raid_install-c071afe5557f00257f13.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d579e143934f667f007bb79457b31323a75df77a941e22111e9aea24d751942

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
FaNGeGkwoQHcks1jr_SbDKOV4YVL_8pW
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"c2878e9ac89f40cb8aa9d59e9ad0757f"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2970
x-amz-cf-id
aIkY9HrLhr_S6q4SCmGg0jboMgwx3UCGdIF9QnMTfXZ4Yl89Sd9YcQ==
img_reward-18bc0c7471777e668be9.png
play.ptdbsviissay.cc/roibest-assets/images/
18 KB
19 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/img_reward-18bc0c7471777e668be9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34ccf3bda39c7052092d84f9a70feb7dd10e530171e1c6415a7406cae93bb988

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
MsXBtjjPkHum0MO5N2uS2RC_SSeOLHM_
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"016a314feb3f3a9f91445ef31af3ee49"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
18604
x-amz-cf-id
eAPw89-41a5FdpIEoLUrPwFqbH4WgM-1qmbhhRlqqjLc4iPZ47uTRg==
google_play_img-5581e7ee5269f365cce2.png
play.ptdbsviissay.cc/roibest-assets/images/
25 KB
26 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/google_play_img-5581e7ee5269f365cce2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14370d925bc67ba8e83a1e74c6a844e39da65e7d1a9566ffb8ca30664bdeb33b

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
jnFEMEs0WJAV1Xy7WawrFih.MSHXId4o
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"30afd5fd572d4119d278a86668e6d62f"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
25908
x-amz-cf-id
7kOHVcgM0T8VkIH5z0hvJAsadY9CXfSQWKMOv7coAERTchF3IDFa-A==
favicon.png
play.ptdbsviissay.cc/4157267578/roibest/icons/
35 KB
0
Other
General
Full URL
https://play.ptdbsviissay.cc/4157267578/roibest/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f07c2225331f924e0902240e44830f8a02cd1135511e893e683d336a0ac2c7f

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:56:49 GMT
x-amz-version-id
GrD0mTVRVi1cRMWfXtDb.piJwd_T.p20
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 03:36:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
19133
etag
"aa45d7077e3dcbdd19eb25d7dd5a2a33"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
36080
x-amz-cf-id
UQUCcplEQB5SlmOQ3cnFoUNZHN-jjFEpLx3rN5Qtwz5-1u_OnUM3UQ==
link
5954897322-pb0tp3hd.bttzs.com/create/
115 B
186 B
Fetch
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/create/link
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
17afcd3732921667725f43c718544bdebadc3bf747abc07a44a3a225086e0a7f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Aug 2024 13:15:43 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
PHP/8.2.15
x-ip-src-lat
51.29930
x-ip-src-country
DE
x-request-id
987767c99527e0ce6545121bc428235f
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
origin
access-control-allow-credentials
true
x-ip-src-lon
9.49100
cf-ray
8b9c54fbc894d365-FRA
access-control-allow-headers
*
x-ip-src
2a01:4a0:1338:93::8
link
5954897322-pb0tp3hd.bttzs.com/create/ Frame
0
0
Preflight
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/create/link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://play.ptdbsviissay.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8b9c54fa6c6bd365-FRA
date
Tue, 27 Aug 2024 13:15:43 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
origin
x-content-type-options
nosniff
x-ip-src
2a01:4a0:1338:93::8
x-ip-src-country
DE
x-ip-src-lat
51.29930
x-ip-src-lon
9.49100
x-powered-by
PHP/8.2.15
x-request-id
67fa8d6c3211f6eb28457d8076c3ec17
Il
5954897322-pb0tp3hd.bttzs.com/rus/ Frame 9306
0
0
Document
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/rus/Il?uuid=U2408276262072614300382424&unionid=
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.ptdbsviissay.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=86400
cf-cache-status
DYNAMIC
cf-ray
8b9c54fdda64d38c-FRA
content-encoding
br
content-type
text/html
date
Tue, 27 Aug 2024 13:15:43 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding origin
x-content-type-options
nosniff
x-ip-src
2a01:4a0:1338:93::8
x-ip-src-country
DE
x-ip-src-lat
51.29930
x-ip-src-lon
9.49100
r9.gif
5954897322-pb0tp3hd.bttzs.com/pixgif/
0
0
Fetch
General
Full URL
https://5954897322-pb0tp3hd.bttzs.com/pixgif/r9.gif?uuid=U2408276262072614300382424&channel_id=4&invite_code=&event_code=21001&link_id=L2408274772072614341198605&project_id=4157267578&version=2&package=4157267578&promote_url_id=2755484424&extend=e30%3D&source=&language=de-DE&timezone=UTC%2B2&report_url=aHR0cHM6Ly9wbGF5LnB0ZGJzdmlpc3NheS5jYy80MTU3MjY3NTc4LzQxNTcyNjc1NzhfbWFpbi5odG1sP2NoYW5uZWxfaWQ9NCZyYl9waXhlbF9pZD0yMzEzNDIzNCZwcm9tb3RlX3VybF9pZD0yNzU1NDg0NDI0JnJiX3RpZD0wJmludml0ZV9jb2RlPSZyYl9wYWdlPTEmcmJfdGltZT0xNzI0NzY0NTQyNDU4JmxpbmtfaWQ9TDI0MDgyNzQ3NzIwNzI2MTQzNDExOTg2MDU%3D&base64_params=report_url%2Cextend
Requested by
Host: play.ptdbsviissay.cc
URL: https://play.ptdbsviissay.cc/roibest-assets/js/install-5ebdc1bba3721a4ee687.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://play.ptdbsviissay.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

ic_sd-0f0ff5464df5f1e88241.png
play.ptdbsviissay.cc/roibest-assets/images/
598 B
1002 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_sd-0f0ff5464df5f1e88241.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
427f5e9956fdd118cebd224a4c7f7e99e74b755b7de611cee4bc62879229ee46

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
cRZ9g9blX3AGThvieyxkqpAuhQ6PvEsS
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18331
etag
"8eb5fa529cf2eccdc3197f1c0e1f7910"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
598
x-amz-cf-id
Wr6o3AXOjgb2f-cawjnCSEuvbt51xeaKfPLTDXUpjKABrwtbf6t0BQ==
code_img1-4efa7a01cb81b72b45fa.png
play.ptdbsviissay.cc/roibest-assets/images/
30 KB
31 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/code_img1-4efa7a01cb81b72b45fa.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f03aee4c8d352621b61356ecfd235bab9baa0f165f9820ffec8114a470b8c96

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458&link_id=L2408274772072614341198605
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
6nNlaAKu1Jy69Az.Rvo0GrMeG0nl6YJ1
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18331
etag
"5c60b18c056299c3ec7f44646a4f0b7e"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30805
x-amz-cf-id
mgUlNfxItYO5uFOxqi8LXY5nsVx0nk8V1TVV5FBF1Bh5OnX1nKF0cw==
code_light-1a77a777fc22de25628b.png
play.ptdbsviissay.cc/roibest-assets/images/
2 KB
3 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/code_light-1a77a777fc22de25628b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93a16c644653966e37cbd231604f76cec9d1f4861e57e48a7c81cb3016d5dccc

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458&link_id=L2408274772072614341198605
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
L1u03bGBCRV1I_5NPQtHzFUkug4.JfzF
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18331
etag
"b0a0ef0e53fa3f56d05636539f941c90"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2225
x-amz-cf-id
gTCx89b9aG6UNUEXrIm6YJvK0WYP--U6rataJvU8BCXqVRkIttaOAw==
code_bg-d8e382ff91517eb77526.png
play.ptdbsviissay.cc/roibest-assets/images/
193 B
592 B
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/code_bg-d8e382ff91517eb77526.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
465f6cb919b3bb4e79493d0215c39947f3aac0e6fe31a4bfb1b4be5d1c2513fe

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458&link_id=L2408274772072614341198605
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
fLBdaaCPNjT6F5UdAGrmlX5MWU6.lBXX
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"8b3f361c38abfcfd70657afd89440388"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
193
x-amz-cf-id
xbNikhy_gsX8Hj9wXlIq3bFCVZCvh-eREGqIkS3dEceeVnMBXNk66w==
ic_arrowhead-f1049004c2e11e3715da.png
play.ptdbsviissay.cc/roibest-assets/images/
754 B
1 KB
Image
General
Full URL
https://play.ptdbsviissay.cc/roibest-assets/images/ic_arrowhead-f1049004c2e11e3715da.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e01191e1225ab0f3c0e7028b50f4dc118d9a8053907ec574fb67100108de23b

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458&link_id=L2408274772072614341198605
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:10:13 GMT
x-amz-version-id
sUO_7Af6qY0WxTCLF.O0nU_gAW7mIT8g
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Tue, 27 Aug 2024 08:00:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
18330
etag
"daf734a9870e8f8d5532a820981dcb0b"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
754
x-amz-cf-id
Xrw2sfHBJwEVa-TZd0i9X__Yc7qsBBMfRAzFbsXSexPxhZ-d62pzCg==
favicon.png
play.ptdbsviissay.cc/4157267578/roibest/icons/
35 KB
0
Other
General
Full URL
https://play.ptdbsviissay.cc/4157267578/roibest/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3800:1c:9c58:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f07c2225331f924e0902240e44830f8a02cd1135511e893e683d336a0ac2c7f

Request headers

Referer
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=&rb_page=1&rb_time=1724764542458&link_id=L2408274772072614341198605
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:56:49 GMT
x-amz-version-id
GrD0mTVRVi1cRMWfXtDb.piJwd_T.p20
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 03:36:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
19133
etag
"aa45d7077e3dcbdd19eb25d7dd5a2a33"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
36080
x-amz-cf-id
UQUCcplEQB5SlmOQ3cnFoUNZHN-jjFEpLx3rN5Qtwz5-1u_OnUM3UQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.ptdbsviissay.cc
URL
https://play.ptdbsviissay.cc/4157267578/4157267578_main.html?channel_id=4&rb_pixel_id=23134234&promote_url_id=2755484424&rb_tid=0&invite_code=

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| __rb
object| webpackChunkrollup_app
function| gtag
object| dataLayer
string| __rb_pwa_api_url
object| google_tag_manager
object| google_tag_data
object| __rb_event_listener
object| __rb_sw

5 Cookies

Domain/Path Name / Value
.www.dbsv-trada.vip/ Name: __cf_mw_byp
Value: MV2l.zduJE7qe8.1ELNDtxXjPUvh1CCnhfP7UApcT.Y-1724764536-0.0.1.1-/
.roibest.com/ Name: __cf_bm
Value: UmlkmhwFX0cRx_M3WV9HIpLilysTh4hnVEISsgay9pU-1724764542-1.0.1.1-Lt2iQOVryDLlCSYugDujGmXgGI0Gsl6augcDCYzH.bEPcDSI5huUIBhDD7uDa.F6ivCC7T2_RooMJ.1ACDHTOA
.bttzs.com/ Name: _f_cu
Value: 0426c6e3679c4f16a5b7115139d895d7
.bttzs.com/ Name: _f_ci
Value: 21094f4679284671a5e4ea27a8b66266
.bttzs.com/ Name: _cu
Value: d63c5368e00d418abd500d2ff8bbcc1e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
