urlscan.io logo urlscan.io
SecurityTrails logo

mdzi.qvodt036.xyz Open in urlscan Pro
2606:4700:3030::6815:383f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://99v76.com/
Effective URL: https://mdzi.qvodt036.xyz/
Submission: On June 09 via api from BE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3030::6815:383f, located in United States and belongs to CLOUDFLARENET, US. The main domain is mdzi.qvodt036.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 13th 2024. Valid for: 3 months.
This is the only time mdzi.qvodt036.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 188.114.96.3 13335 (CLOUDFLAR...)
1 1 172.67.176.149 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
8 2
Apex Domain
Subdomains		 Transfer
7 99v76.com
99v76.com
19 KB
1 qvodt036.xyz
mdzi.qvodt036.xyz
1 qvoddts53.xyz
mdzi.qvoddts53.xyz
535 B
8 3
Domain Requested by
7 99v76.com 99v76.com
1 mdzi.qvodt036.xyz 99v76.com
1 mdzi.qvoddts53.xyz 1 redirects
8 3

This site contains no links.

Subject Issuer Validity Valid
99v76.com
E1		 2024-05-08 -
2024-08-06		 3 months crt.sh
qvodt036.xyz
GTS CA 1P5		 2024-05-13 -
2024-08-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://mdzi.qvodt036.xyz/
Frame ID: D54DBFF4FB2767E7F6A7710CB75FF24E
Requests: 7 HTTP requests in this frame

Frame: https://99v76.com/head.html?timestamp=1717925552&ck=f7a07bd4df7d93567ba79c950c3e261a
Frame ID: 9090A846AFB5DA4B7B10E54F11D429DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

推广

Page URL History Show full URLs

  1. https://99v76.com/ Page URL
  2. https://99v76.com/3.html?5e68686467342b2b615a6e5f2a656a635a5a68672h2f2a6c6d6e2b Page URL
  3. https://mdzi.qvoddts53.xyz/ HTTP 302
    https://mdzi.qvodt036.xyz/ Page URL

Page Statistics

8
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

19 kB
Transfer

568 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://99v76.com/ Page URL
  2. https://99v76.com/3.html?5e68686467342b2b615a6e5f2a656a635a5a68672h2f2a6c6d6e2b Page URL
  3. https://mdzi.qvoddts53.xyz/ HTTP 302
    https://mdzi.qvodt036.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
99v76.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://99v76.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfaa929e132af4abc0217f5e268748db5582d9be46330726b5e8aa29b00c85ed

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
api_url
dtIndex
cf-cache-status
DYNAMIC
cf-ray
89101d742fa98fd7-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Sun, 09 Jun 2024 09:32:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E54blz7OkYW8FltHxq8oPUxKokYTdZuGzUbpJJpKgi0SzemyCxXYUQSou1ImLXTTvfWkBYONBMFsvnsYf2LNtrpdCmok8anDxhfbtmMm5kj2XAQZwsJAbjEYU6k%3D"}],"group":"cf-nel","max_age":604800}
request_uri
/
server
cloudflare
vary
Accept-Encoding
fg.js
99v76.com/js/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://99v76.com/js/fg.js
Requested by
Host: 99v76.com
URL: https://99v76.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://99v76.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:32:34 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
request_uri
/js/fg.js
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Mar 2024 06:25:54 GMT
server
cloudflare
api_url
dtIndex
etag
W/"65eff572-72e4"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TFmvbPU%2FdQo64CQjZ%2FJh24IGnwKAYjvPUuV3pKIjtlzVfhmwsBHfEw%2FvHpZhy8bIZ2hWmxc0r6acO3tjrt73ds0vrfZpXWlL49sWCJD7BUYlvP9GWGUvO5tb%2BKQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
89101d769a8f8fd7-FRA
access-control-allow-headers
*
log
99v76.com/ 		35 B
444 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://99v76.com/log
Requested by
Host: 99v76.com
URL: https://99v76.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://99v76.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jun 2024 09:32:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
api_url
dtLog
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxN%2BngDJiuidEUCuxsqSKxy%2FYjNOt6UGiVM1zTqcbVCZty1TzKlxe8giopKxCYS3N6YJ9o%2BuOk2ffGLnjyPu6H8Qo%2BTWmOeMKaHzfs9Vu0qKaCQK847NPcyqz10%3D"}],"group":"cf-nel","max_age":604800}
request_uri
/log
cf-ray
89101d79ae858fd7-FRA
access-control-allow-headers
*
content-length
35
alt-svc
h3=":443"; ma=86400
favicon.ico
99v76.com/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://99v76.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://99v76.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:32:34 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
api_url
dtIndex
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/html;charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QP126%2Fc%2B%2F00kxSfzAlBRHsgaqKD75XOxwwLWvQP8CsQlblRkbijxK0HxeFEYz3jbKCXbbFTq0OF5Bzhu1cOwlT%2BgSJj%2BvHdhGUD7C9uwUmiSJ%2B3twgrgsnkj5sA%3D"}],"group":"cf-nel","max_age":604800}
request_uri
/favicon.ico
cf-ray
89101d79eef68fd7-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
head.html
99v76.com/ Frame 9090 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://99v76.com/head.html?timestamp=1717925552&ck=f7a07bd4df7d93567ba79c950c3e261a
Requested by
Host: 99v76.com
URL: https://99v76.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://99v76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
api_url
dtSecondPage
cf-cache-status
DYNAMIC
cf-ray
89101d7a7f898fd7-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Sun, 09 Jun 2024 09:32:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CM2ShBhmjIoU6jCSU264QpDSbYGXbvEjtJXC0%2FPrCSCdjE1nRbVeGV7myw2cdDxnK14tQOdJ249naHC1xumTUHlyIptHEL0HMSNN9oE%2B165M4SLzWfMCTl9o980%3D"}],"group":"cf-nel","max_age":604800}
request_uri
/head.html?timestamp=1717925552&ck=f7a07bd4df7d93567ba79c950c3e261a
server
cloudflare
vary
Accept-Encoding
3.html
99v76.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://99v76.com/3.html?5e68686467342b2b615a6e5f2a656a635a5a68672h2f2a6c6d6e2b
Requested by
Host: 99v76.com
URL: https://99v76.com/head.html?timestamp=1717925552&ck=f7a07bd4df7d93567ba79c950c3e261a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8be87f04c18774b039015d0fc176b45ec4b6e42a51d05e43c6ce98416b83d42

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://99v76.com/head.html?timestamp=1717925552&ck=f7a07bd4df7d93567ba79c950c3e261a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
api_url
dtThirdPage
cf-cache-status
DYNAMIC
cf-ray
89101d7d8b758fd7-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Sun, 09 Jun 2024 09:32:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Yr5VZvVQjDf87m%2B3%2FxwDs85pDhD2wbWmBnfnWJpkxce026fi13UdL8HmNvyqOT68V4YH5zjM6f0Qh5VgfHEl0%2FQ%2Fp8CK6rwe3y7rmLE9wYySTTq3dQSPdPA1qs%3D"}],"group":"cf-nel","max_age":604800}
request_uri
/3.html?5e68686467342b2b615a6e5f2a656a635a5a68672h2f2a6c6d6e2b
server
cloudflare
vary
Accept-Encoding
favicon.ico
99v76.com/ 		2 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://99v76.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
149b92a524762dd15b270e2b878231f99b4341a5c5b9469e6c7744e4fc85bb44

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://99v76.com/3.html?5e68686467342b2b615a6e5f2a656a635a5a68672h2f2a6c6d6e2b
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:32:35 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
api_url
dtIndex
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/html;charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZngJkx0Xlcypw4O7r7anqECSjm2tU3Oo5200gGL1yqQfVLK5DGJzYllQdSvvmroKzEaAKiX34XPNcNiqNno2hv01dx9c7gBNz%2FLcqjij2Cdy%2BW2csMVsisADZk%3D"}],"group":"cf-nel","max_age":604800}
request_uri
/favicon.ico
cf-ray
89101d7f0d388fd7-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
Primary Request /
mdzi.qvodt036.xyz/
Redirect Chain
  • https://mdzi.qvoddts53.xyz/
  • https://mdzi.qvodt036.xyz/
529 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mdzi.qvodt036.xyz/
Requested by
Host: 99v76.com
URL: https://99v76.com/3.html?5e68686467342b2b615a6e5f2a656a635a5a68672h2f2a6c6d6e2b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:383f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://99v76.com/3.html?5e68686467342b2b615a6e5f2a656a635a5a68672h2f2a6c6d6e2b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89101d893f8218f9-FRA
content-encoding
br
content-type
text/html
date
Sun, 09 Jun 2024 09:32:37 GMT
last-modified
Tue, 21 May 2024 10:06:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CkksvxXRs6GGcuhTGOfBMOZZwOjpJlTIQau8%2BcK4wfk0W1lOdSN%2BzlRgwRtlN7td33xz3R6Zu100amalFJ1PhzH4xujNBm6xOz7hvbeW6AZo0cqncZ7IWzYwBV%2FrDA8FLQtlJw0ln1IHLe1xnrozMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
api_url
dtIndex
cf-cache-status
DYNAMIC
cf-ray
89101d85e8734d95-FRA
content-type
text/html;charset=utf-8
date
Sun, 09 Jun 2024 09:32:36 GMT
location
https://mdzi.qvodt036.xyz/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGFRgLYbXKmaNXE9%2FbXfhLgwhQqMIxu3qPxCRszKjwbYWd41kyELoIZekt%2BcwHeptAsRipEX7h%2BE7DD5UKltnhk48IOr%2FEE5HuqC2I%2FutZaW%2FAReuQf1zc%2Fx671oi0Lw0BlMD3E%3D"}],"group":"cf-nel","max_age":604800}
request_uri
/
server
cloudflare

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Base64 number| c2 number| c1 number| c3

3 Cookies

Domain/Path Name / Value
.99v76.com/ Name: subDomain
Value: qvoddts53.xyz
.99v76.com/ Name: code
Value: mdzi
mdzi.qvoddts53.xyz/ Name: pwaDomain
Value: qvodt036.xyz