URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=...
Submission: On October 29 via api from RU — Scanned from CA

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3033::6815:5d85, located in United States and belongs to CLOUDFLARENET, US. The main domain is nvwvajqeety.cyou.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.
This is the only time nvwvajqeety.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:303... 13335 (CLOUDFLAR...)
9 31.220.27.154 39572 (ADVANCEDH...)
18 2
Apex Domain         Subdomains                                            Transfer
9 nvwvajqeety.cyou  nvwvajqeety.cyou                                      199 KB
7 kaminari.space    kaminari.space — Cisco Umbrella Rank: 973683          6 KB
2 afrdtech.com      afrdtech.com                                          20 KB
18                  3

Domain              Requested by
9 nvwvajqeety.cyou  nvwvajqeety.cyou
7 kaminari.space    afrdtech.com, kaminari.space
2 afrdtech.com      nvwvajqeety.cyou, afrdtech.com
18                  3

This site contains links to these domains.

Domain
d219ab8c27b0b.net
Subject           Issuer                             Validity                  Valid
nvwvajqeety.cyou  WE1                                2024-10-24 - 2025-01-22   3 months  crt.sh
afrdtech.com      R10                                2024-08-09 - 2024-11-07   3 months  crt.sh
kaminari.space    ZeroSSL RSA Domain Secure Site CA  2024-09-20 - 2024-12-19   3 months  crt.sh

This page contains 1 frames:

Primary Page: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Frame ID: 6EC290CE117831060E79811ED3046F8B
Requests: 18 HTTP requests in this frame

Page Title

Поисковый бот ГАЗИНВЕСТ

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 50 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 225 kB
Size: 564 kB
Cookies: 3

18 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request dBWmYk
nvwvajqeety.cyou/
19 KB
7 KB
Document
General
Full URL
https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0afac1d33662fcd2423f8d4ea494fa3b6ed1e3692682798c8ec47f5402990fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8da446119a2f6a53-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 29 Oct 2024 15:42:08 GMT
expires
Tue, 29 Oct 2024 15:42:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=875SJoPFtA9oViiJNg4kkvgLs72Lz4vETg3TLQ3JP%2BbJ1rB43bwwOXV1C7Cg0SEcNjK2KgSfTTys6LR0HgD%2BQ14ag65%2FJFhYi%2FNA0Uxaltf%2FezUKhqnLfSJzgqFDHGmf2kH7ooXyuyxhaagWHYe%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=41281&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4519&delivery_rate=421&cwnd=12000&unsent_bytes=0&cid=96020652f3734862&ts=522&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
style.css
nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/
132 KB
22 KB
Stylesheet
General
Full URL
https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/style.css
Requested by
Host: nvwvajqeety.cyou
URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4357c733d2837a4e3392c1de3263c82fea048024460123b71fc8cec92db8a2ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"671f6097-20fa5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRKji0icH6lUeJuiCawXlT6fWHVVvdW1RSTMzmCUgyKG6STEdve27doq8zJ9TExyBzA7zy9DnUc5dRb22fCFM0kM%2FpOfypCjWIf17enIpm%2FytysaIXFIpvDGvuI5VMuifdpEHsxGZwnnqcu0RWQ5"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 15:42:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43827&sent=29&recv=25&lost=0&retrans=0&sent_bytes=18418&recv_bytes=8980&delivery_rate=127873&cwnd=12000&unsent_bytes=0&cid=96020652f3734862&ts=1362&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 29 Oct 2024 15:42:08 GMT
content-type
text/css
last-modified
Mon, 28 Oct 2024 09:59:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da44617a8b06a53-EWR
access-control-allow-origin
*
server
cloudflare
bc0260d.png
nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/
107 KB
108 KB
Image
General
Full URL
https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/bc0260d.png
Requested by
Host: nvwvajqeety.cyou
URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18520bf130ae64a5878a5ce011cfb5229b8d11389b76218f49a55747004c03d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22

Response headers

cf-cache-status
MISS
etag
"671f6097-1ab45"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlGGzS4VkYo%2FO0%2FG%2FTs69CZni9iJ5%2FwHxYfdfmT1hCorBnG%2BNKbfDR2DmsaPp8ImBxB%2B4xvor3J3L5TmLK4iL7qQs5WfGBrDaG0ZJQacW9AizJ%2BeSxjL9pwS76Lr5onPJayhQDUrnuvL7UsVwwEX"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 15:42:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44159&sent=83&recv=40&lost=0&retrans=0&sent_bytes=79274&recv_bytes=9625&delivery_rate=527477&cwnd=39600&unsent_bytes=0&cid=96020652f3734862&ts=1468&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 29 Oct 2024 15:42:09 GMT
content-type
image/png
last-modified
Mon, 28 Oct 2024 09:59:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da44617a8b46a53-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
109381
server
cloudflare
appstore.f34e9a2.svg
nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/
12 KB
5 KB
Image
General
Full URL
https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/appstore.f34e9a2.svg
Requested by
Host: nvwvajqeety.cyou
URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"671f6097-2fc0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEO4YDAqNyP21TnCjeZEwoSXgV0DG4qSyrOL2%2BD7dLTlrtdjl30Gpk%2FrUamscmjqdt8NeZ9391irOi6N7Ejt6VZMvxQqD9qx8oYJkbyuXVkCIZl0I8h8ydg5R405BNOif00YPi3oWEvlPG%2FgG3Ln"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 15:42:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44787&sent=24&recv=22&lost=0&retrans=0&sent_bytes=13074&recv_bytes=8850&delivery_rate=16120&cwnd=12000&unsent_bytes=0&cid=96020652f3734862&ts=1284&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 29 Oct 2024 15:42:08 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Oct 2024 09:59:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da44617c8d26a53-EWR
access-control-allow-origin
*
server
cloudflare
googleplay.c83af8e.svg
nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/
22 KB
5 KB
Image
General
Full URL
https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/googleplay.c83af8e.svg
Requested by
Host: nvwvajqeety.cyou
URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5edffad654a2c1be51ffe4c2bb76bf04f1617d07dae25397b7c8dabf5f8863d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"671f6097-58d1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7FWb1GAmyXRNUFAyZKb645rA%2BU8BiHofhsWnIbR8EBSmoSDDOvYTE9siN6eFo3LlKw7Gxso0QTq7U5dL0kfgXZGoQtFGIwcQGsZWx8oxyy4VgKbh5FThFzgvDxlDWWNIJW8%2FHKRIuDo3CfiHGIL6"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 15:42:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43827&sent=39&recv=25&lost=0&retrans=0&sent_bytes=30418&recv_bytes=8980&delivery_rate=127873&cwnd=12000&unsent_bytes=0&cid=96020652f3734862&ts=1389&x=1", cfExtPri, cfHdrFlush;dur=16
date
Tue, 29 Oct 2024 15:42:08 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Oct 2024 09:59:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da44617c8d46a53-EWR
access-control-allow-origin
*
server
cloudflare
email-decode.min.js
nvwvajqeety.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://nvwvajqeety.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nvwvajqeety.cyou
URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67180f7e-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Nd0emJzfejB4cWnngq9qS9e5eFMyn8LoaYuP6aejgTwpY5%2FhTtUHgZpEody2ubg9Z4ehF4Mw%2FY44IhxZvnoRBBPJ1IVJiFRvpBiCnIrqsfejRffNTfTXghxGECG4o6yv%2BgseA4Lr9D6EVw13awp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8da44617a8b66a53-EWR
expires
Thu, 31 Oct 2024 15:42:08 GMT
date
Tue, 29 Oct 2024 15:42:08 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 20:47:58 GMT
server
cloudflare
vary
Accept-Encoding
bundle.js
nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/
211 KB
48 KB
Script
General
Full URL
https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/bundle.js
Requested by
Host: nvwvajqeety.cyou
URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9379cc259842f422a2870840d77f3c5b9590f7ec64f2b67af1c395d2c3beddfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"671f6097-34d45"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PemvB0ZeriSzJ26uBK%2BTUoLWWO5A%2Fneo9j%2Fx3G77zw1QuJMkBW%2FTq64%2Bg55OjXN0qOEhcXjTzo8%2BYBKWwtN3JNfTMfEEXhIu1Eg4p6ymNu0FzQwREBpCu0MMiuAfT5nuD1hn5WYH8nL6PCMBpXhi"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 15:42:08 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43827&sent=39&recv=25&lost=0&retrans=0&sent_bytes=30418&recv_bytes=8980&delivery_rate=127873&cwnd=12000&unsent_bytes=0&cid=96020652f3734862&ts=1395&x=1", cfExtPri, cfHdrFlush;dur=10
date
Tue, 29 Oct 2024 15:42:08 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 09:59:51 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da44617c8d56a53-EWR
access-control-allow-origin
*
server
cloudflare
script.js
afrdtech.com/v1/
47 KB
19 KB
Script
General
Full URL
https://afrdtech.com/v1/script.js?kmnrKey=303860583
Requested by
Host: nvwvajqeety.cyou
URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
dc0d429926275ae9a3d92fbb8846de9b69baaf1cda607de3e66fda3a802f2b99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/

Response headers

content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
date
Tue, 29 Oct 2024 15:42:09 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
arrow.svg
nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/
224 B
866 B
Image
General
Full URL
https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/arrow.svg
Requested by
Host: nvwvajqeety.cyou
URL: https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eebf728fc655c8367cb15b6cce397c5d8172d1753c356ffea9eb9df6a78cfff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/style.css

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"671f6097-e0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRObUGzkerCP6GxP%2BqRtJUIfX2xfGphpHqqsjfkhrUFD5zysmbVpykeF9t2xX%2F6vN9kPLU%2FIYp92AFgG%2BzwGMXUsbdA3dk2DVe%2FgfsPB1kmgUZfwtb0lx89jJCrQv7fQojioKYoW4f6LLBPnKtId"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 15:42:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42305&sent=197&recv=75&lost=0&retrans=0&sent_bytes=210378&recv_bytes=11789&delivery_rate=1100677&cwnd=75600&unsent_bytes=0&cid=96020652f3734862&ts=1715&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 29 Oct 2024 15:42:09 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Oct 2024 09:59:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da4461a7b966a53-EWR
access-control-allow-origin
*
server
cloudflare
favicon.ico
nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/
1 KB
1 KB
Other
General
Full URL
https://nvwvajqeety.cyou/8uibp45k6oyd0l4ec646/gaz-bot-csp_9/public/img/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5d85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d753707c334888732d902d8680d85a6cf1e458fcced2494875e9812eae03490

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"671f6097-47e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNClveXM8ZXaucmZu7uDDPOs5weLijOXt2Jy5y%2FYTrr8i2WdTAz3%2BXjEhcNvm6xuDM%2BuclImy12%2BTF8RCAPPRYogosHvHCoLSumwYZv5njseHcSrKi6UGuvUePCM8IeRl5L%2FcO9%2Fqv4NlGXB7mLM"}],"group":"cf-nel","max_age":604800}
expires
Fri, 08 Nov 2024 15:42:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43027&sent=199&recv=77&lost=0&retrans=0&sent_bytes=211292&recv_bytes=12548&delivery_rate=15106&cwnd=75600&unsent_bytes=0&cid=96020652f3734862&ts=2541&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
image/x-icon
last-modified
Mon, 28 Oct 2024 09:59:51 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da4461fa9c76a53-EWR
access-control-allow-origin
*
server
cloudflare
bean-script.js
kaminari.space/v1/
11 KB
5 KB
Script
General
Full URL
https://kaminari.space/v1/bean-script.js?kmnrKey=303860583
Requested by
Host: afrdtech.com
URL: https://afrdtech.com/v1/script.js?kmnrKey=303860583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
7a3ce077f42acd4f6345839409724008e91c26379d1ddce2fa3142abeae57dd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nvwvajqeety.cyou/

Response headers

content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
check
afrdtech.com/v2/
0
220 B
Ping
General
Full URL
https://afrdtech.com/v2/check
Requested by
Host: afrdtech.com
URL: https://afrdtech.com/v1/script.js?kmnrKey=303860583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nvwvajqeety.cyou/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nvwvajqeety.cyou
content-length
0
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
append
kaminari.space/v1/
0
220 B
Ping
General
Full URL
https://kaminari.space/v1/append
Requested by
Host: kaminari.space
URL: https://kaminari.space/v1/bean-script.js?kmnrKey=303860583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nvwvajqeety.cyou/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nvwvajqeety.cyou
content-length
0
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
append
kaminari.space/v1/
0
220 B
Ping
General
Full URL
https://kaminari.space/v1/append
Requested by
Host: kaminari.space
URL: https://kaminari.space/v1/bean-script.js?kmnrKey=303860583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nvwvajqeety.cyou/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nvwvajqeety.cyou
content-length
0
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
append
kaminari.space/v1/
0
220 B
Ping
General
Full URL
https://kaminari.space/v1/append
Requested by
Host: kaminari.space
URL: https://kaminari.space/v1/bean-script.js?kmnrKey=303860583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nvwvajqeety.cyou/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nvwvajqeety.cyou
content-length
0
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
append
kaminari.space/v1/
0
220 B
Ping
General
Full URL
https://kaminari.space/v1/append
Requested by
Host: kaminari.space
URL: https://kaminari.space/v1/bean-script.js?kmnrKey=303860583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nvwvajqeety.cyou/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nvwvajqeety.cyou
content-length
0
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
append
kaminari.space/v1/
0
220 B
Ping
General
Full URL
https://kaminari.space/v1/append
Requested by
Host: kaminari.space
URL: https://kaminari.space/v1/bean-script.js?kmnrKey=303860583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nvwvajqeety.cyou/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nvwvajqeety.cyou
content-length
0
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
append
kaminari.space/v1/
0
220 B
Ping
General
Full URL
https://kaminari.space/v1/append
Requested by
Host: kaminari.space
URL: https://kaminari.space/v1/bean-script.js?kmnrKey=303860583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nvwvajqeety.cyou/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nvwvajqeety.cyou
content-length
0
date
Tue, 29 Oct 2024 15:42:10 GMT
content-type
application/json
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| kmnrSc
object| kmnrPrnt
object| kmnr
function| a0_0x533e
function| a0_0x34e2
object| bgdataLayer
function| vitBack
object| m951

3 Cookies

Domain/Path Name / Value
nvwvajqeety.cyou/ Name: _subid
Value: 2ul6s7f309dd2
nvwvajqeety.cyou/ Name: 12783
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE1ODZcIjoxNzMwMjE2NTI3fSxcImNhbXBhaWduc1wiOntcIjEyNDhcIjoxNzMwMjE2NTI3fSxcInRpbWVcIjoxNzMwMjE2NTI3fSJ9.0lkLKL9jOCdYcXmij4oASsILYpy78L18UgxJwWAkhcs
nvwvajqeety.cyou/ Name: _token
Value: uuid_2ul6s7f309dd2_2ul6s7f309dd26721024fcba051.64990891

2 Console Messages

Source Level URL
Text
security warning URL: https://afrdtech.com/v1/script.js?kmnrKey=303860583(Line 4)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
rendering warning URL: https://nvwvajqeety.cyou/dBWmYk?cost=0.16&creative_id=7911416&ad_campaign_id=62493&source=12%3A1467473926482851&sub_id_1=cc&sub_id_2=42&sub_id_3=22
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F004067C390000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.