urlscan.io logo urlscan.io
SecurityTrails logo

5942486.xyz Open in urlscan Pro
172.67.176.160  Public Scan

Go To Rescan Add Verdict Report
URL: https://5942486.xyz/
Submission: On November 20 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 18 HTTP transactions. The main IP is 172.67.176.160, located in United States and belongs to CLOUDFLARENET, US. The main domain is 5942486.xyz.
TLS certificate: Issued by WE1 on October 19th 2024. Valid for: 3 months.
This is the only time 5942486.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 172.67.176.160 13335 (CLOUDFLAR...)
3 172.253.62.157 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.251.179.154 15169 (GOOGLE)
1 64.233.180.157 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 172.253.115.105 15169 (GOOGLE)
18 8
7    172.67.176.160 (United States)

ASN13335 (CLOUDFLARENET, US)
5942486.xyz
3    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
pagead2.googlesyndication.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    142.251.179.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f154.1e100.net
googleads.g.doubleclick.net
1    64.233.180.157 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f157.1e100.net
ep1.adtrafficquality.google
2    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    172.253.115.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f105.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
7 5942486.xyz
5942486.xyz
77 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
196 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
18 6
Domain Requested by
7 5942486.xyz 5942486.xyz
static.cloudflareinsights.com
3 pagead2.googlesyndication.com 5942486.xyz
pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 static.cloudflareinsights.com 5942486.xyz
18 7

This site contains links to these domains. Also see Links.

Domain
mail.5842486.xyz
lin.ee
Subject Issuer Validity Valid
5942486.xyz
WE1		 2024-10-19 -
2025-01-17		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://5942486.xyz/
Frame ID: D7C372915C2C14283961EA18A3109710
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241119/r20190131/zrt_lookup_fy2021.html
Frame ID: A50E1F7110FB2E6AB2DBF020D7AE63A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4574918827049319&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731734961&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F5942486.xyz%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732136499865&bpp=19&bdt=264&idt=524&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8380638950718&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088727%2C95344788%2C95348213%2C95345967%2C95347755&oid=2&pvsid=3409549026907165&tmod=1967160396&uas=0&nvt=1&fsapi=1&fc=1920&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=608
Frame ID: 68E250831D5A929D7BC92EDBB8791E04
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 1D6416D9F241478AED8E446D56BEAEDA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D6B66A2D821B71A2FF5FD7607A64EEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Catherine - Netflix、YouTube會員帳號代開服務

Detected technologies

Overall confidence: 100%
Detected patterns
  • /particles(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

18
Requests

94 %
HTTPS

29 %
IPv6

6
Domains

7
Subdomains

8
IPs

1
Countries

299 kB
Transfer

800 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
5942486.xyz/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5942486.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
febcc6873cb37a0c27e04babc47cb0105e214c511ff99c6cdc42aa9bff0b39b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8e5b605ff8ae36b3-YYZ
content-encoding
zstd
content-type
text/html
date
Wed, 20 Nov 2024 21:01:39 GMT
last-modified
Sat, 16 Nov 2024 05:29:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUPkbMbm%2BJCl8Qi4kwKtwiZzp%2FFTlLSdCvKLhTutV1MI%2BG399Vu%2FBxqdWDRb2%2FvtiD%2Bzu4NCRy4flaWO3%2BK8JeeZGEZmHm6PXTbIG3NJIACz1wdKBUuUoF0JTTmHLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=44826&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4240&recv_bytes=4534&delivery_rate=347&cwnd=12000&unsent_bytes=0&cid=65d9be54417436ee&ts=419&x=1" cfExtPri cfHdrFlush;dur=0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4574918827049319
Requested by
Host: 5942486.xyz
URL: https://5942486.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
97f4f47a0dfeda9de123c9b1ab8cbff5a950e0f49e57e239a218d77b8c76005e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://5942486.xyz
Referer
https://5942486.xyz/

Response headers

content-encoding
br
etag
15489067183714629478
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 21:01:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 20 Nov 2024 21:01:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53325
x-xss-protection
0
server
cafe
index-300395f5.js
5942486.xyz/assets/ 		94 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5942486.xyz/assets/index-300395f5.js
Requested by
Host: 5942486.xyz
URL: https://5942486.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09ad88abf339259c4b239468ac6eccde2ec2b940f2c6d6f4b3c58cd972aacb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://5942486.xyz
Referer
https://5942486.xyz/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"67382dab-17933"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMdtVoYWRIhqATqgquTHRFyEe2Cokq0oMKfdjA2AK9P7Cbx8w2anAtV3pHpEb2bwwkw6ForreNZ9kzYC%2FBdHGbLncXLEKNph7IHFA%2Bip96kGEdUv1FAXxSZgsGYT7A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 20 Nov 2025 21:01:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37658&sent=20&recv=19&lost=0&retrans=0&sent_bytes=10084&recv_bytes=5632&delivery_rate=12851&cwnd=12000&unsent_bytes=0&cid=65d9be54417436ee&ts=1016&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 21:01:39 GMT
content-type
application/javascript
last-modified
Sat, 16 Nov 2024 05:29:15 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5b6062eb9536b3-YYZ
server
cloudflare
index-842cb5bf.css
5942486.xyz/assets/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://5942486.xyz/assets/index-842cb5bf.css
Requested by
Host: 5942486.xyz
URL: https://5942486.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
842cb5bfee5f079358adad8e186c0ab7f57f6081ce74da2c16e591b84a49b044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://5942486.xyz/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"67382dac-3465"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4s6U%2BOOWXR7r2wgNdSzuRtCcVo4JXiJEw8GO%2BuugSkxEwJEZcoKOC9psdJxdV%2B%2Be91P54g8bTyY5vTqPlJjuQaqJGRYkprPdHbaI0wdxSjwsKRpvSNuoZTp8JTKfg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 20 Nov 2025 21:01:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42093&sent=16&recv=16&lost=0&retrans=0&sent_bytes=6580&recv_bytes=5501&delivery_rate=99848&cwnd=12000&unsent_bytes=0&cid=65d9be54417436ee&ts=946&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 21:01:39 GMT
content-type
text/css
last-modified
Sat, 16 Nov 2024 05:29:16 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5b6062eb9636b3-YYZ
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: 5942486.xyz
URL: https://5942486.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://5942486.xyz
Referer
https://5942486.xyz/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e5b60646e80a26c-YUL
access-control-allow-origin
*
date
Wed, 20 Nov 2024 21:01:39 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
particles.min.js
5942486.xyz/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5942486.xyz/particles.min.js
Requested by
Host: 5942486.xyz
URL: https://5942486.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://5942486.xyz/

Response headers

server
cloudflare
cache-control
no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"67382db3-5b44"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KX%2B0yFPyGcpcLRcrDCvMjOXbSNgraOVZqRmO27WIcfsJ2pLKRnMUiwaXneofSLsRIYcYMYcRHbEeePSmxVcdLkbIE%2Fm3gwpoaeYQmN4lkZUcXiE8XrHgd9gwqdxfYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5b60639c7c36b3-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32739&sent=50&recv=26&lost=0&retrans=0&sent_bytes=44372&recv_bytes=5939&delivery_rate=422978&cwnd=22800&unsent_bytes=0&cid=65d9be54417436ee&ts=1053&x=1", cfExtPri, cfHdrFlush;dur=13
date
Wed, 20 Nov 2024 21:01:40 GMT
content-type
application/javascript
last-modified
Sat, 16 Nov 2024 05:29:23 GMT
vary
Accept-Encoding
priority
u=3,i=?0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4574918827049319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
32cbf7a7b3fe419f3e67353b8f32ba66e1ad502d40aa3d08437e5c9c5386a104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://5942486.xyz/

Response headers

content-encoding
br
etag
2888676038165189598
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 21:01:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 20 Nov 2024 21:01:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147630
x-xss-protection
0
server
cafe
main_icon.png
5942486.xyz/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5942486.xyz/main_icon.png
Requested by
Host: 5942486.xyz
URL: https://5942486.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad04823060fad18b8865d6d6cb40073faef69f7fe48766bc23eba18a53b09d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://5942486.xyz/

Response headers

cf-cache-status
BYPASS
etag
"67382db2-2f75"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaK9RfHhkn1YtXi1GPdLHMy8raKgZ0YRcze563%2BNGmqjvYFKHsdsXvMyDKmceXTjeX0IUPvlKExt%2FqfvmUcq2mePfaMUGrzq4Qj07mDgUic%2B6PdxZ872N1bF0tsLuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24726&sent=65&recv=48&lost=0&retrans=0&sent_bytes=58661&recv_bytes=7193&delivery_rate=1134842&cwnd=33600&unsent_bytes=0&cid=65d9be54417436ee&ts=1414&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 21:01:40 GMT
content-type
image/png
last-modified
Sat, 16 Nov 2024 05:29:22 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5b6065deeb36b3-YYZ
accept-ranges
bytes
content-length
12149
server
cloudflare
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241119/r20190131/ Frame A50E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241119/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5942486.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
8079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 18:47:01 GMT
etag
17661348622971093804
expires
Wed, 04 Dec 2024 18:47:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: 5942486.xyz
URL: https://5942486.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://5942486.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 20 Nov 2024 21:01:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 68E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4574918827049319&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731734961&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F5942486.xyz%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732136499865&bpp=19&bdt=264&idt=524&shv=r20241119&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8380638950718&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088727%2C95344788%2C95348213%2C95345967%2C95347755&oid=2&pvsid=3409549026907165&tmod=1967160396&uas=0&nvt=1&fsapi=1&fc=1920&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=608
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5942486.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 21:01:40 GMT
expires
Wed, 20 Nov 2024 21:01:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241119&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f157.1e100.net
Software
cafe /
Resource Hash
57dc01eafbd9b604cd98bbaa28ca4635149b430a22fb4645c09d08c2ade77dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://5942486.xyz/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12883
date
Wed, 20 Nov 2024 21:01:41 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
rum
5942486.xyz/cdn-cgi/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://5942486.xyz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://5942486.xyz/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e5b606b3c4536b3-YYZ
access-control-allow-origin
https://5942486.xyz
date
Wed, 20 Nov 2024 21:01:41 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://5942486.xyz/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 21:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 21:01:41 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
favicon.ico
5942486.xyz/ 		12 KB
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://5942486.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad04823060fad18b8865d6d6cb40073faef69f7fe48766bc23eba18a53b09d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://5942486.xyz/

Response headers

server
cloudflare
cache-control
no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"67382dae-2f75"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOJrehiBQhn9QNkl8V51rHjzytWWPTfgoKHI2RBs1t%2BU3WH7%2BBMM54oozRHDnEEl6K3TdluWakeC75udq7BfKU4Po%2FaoIfzhiRuqfLZnDhVBRb52bo%2BBLB9M30LmRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5b606cbd6e36b3-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26317&sent=81&recv=62&lost=0&retrans=1&sent_bytes=73007&recv_bytes=10142&delivery_rate=2586&cwnd=33600&unsent_bytes=0&cid=65d9be54417436ee&ts=2524&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 21:01:41 GMT
content-type
image/x-icon
last-modified
Sat, 16 Nov 2024 05:29:18 GMT
vary
Accept-Encoding
priority
u=1,i
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 1D64 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5942486.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2729
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 20:16:12 GMT
expires
Wed, 20 Nov 2024 21:06:12 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7D6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f105.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nUxQjMB0HsykM8Uc6N5g_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5942486.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nUxQjMB0HsykM8Uc6N5g_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 21:01:42 GMT
expires
Wed, 20 Nov 2024 21:01:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241119&jk=3409549026907165&bg=!uLulu_TNAAaIaF9IqGg7ADQBe5WfOCzPX3Hk69elDZV5BqAnP5JOcH_hNmEhKB7edFHBOxu4vXcECmGpvw5GbinUAYsuAgAAAfdSAAAABGgBB34ANnnHPDPQX3dZMEptvCxdRBYYxICKpGuec5E_97WL0NrhFVtBIZG2R3ACrRX8VDpUOJfqUsPSngoAkjnM27p8uHarZs5hLPGO0KR-y80Kr5PgWhVxp-T7U6S_yKCkkKQjEqI3YRfcREFhTQ6VOtRfw2QOOX-oeghc8-h9CqERjFYaDYnd74rQveTzIirKTB2JPjNgPm03V--0W3gKyoH7sYwGnqkiURMCXx1XJzZ6uJQ8ZgFBWL5IOqKZD-KGRwfcCGP-l-cw2JoZvt9omQKTyZWN-2_dppGNLQLgisJogkCRnTSw6I18A0axy-Rthuhasp87PitjR7eY10oe4xxqQsITKUXdZAyV_Vyd6yvui-kHdwO9ePfoYZRJuoH_OzbH1PK_f0p__cT15VWR6tkiVVbWGDkTYXoIPPng_f56szp3IvwNCzfR3GlxBBmuxqvdSeT0cEyu6QOdgQHi7wJNjB6fG9O5Ag7-6Y1xHh4HNO6_1jSaQAumd-il9mV9z_wJo60GkkH4Sd6kIHspnFyxeTAz9_U7r-SL0jkjxoqcKHIiz8fr3gnLtfR6jV5B0mhjzcW1v8hDgp0S_Bb4gf3UVPbkIMw2EHo0ZaEmWlK8GV2rs6JEhV1L2WV_QQLE83gl8QfMqKHjxNa0JBiZTiyWimgLJkt_qBPwFy8eI8vuvCWTCuExagWBbzpqO_MtjzQxODoSGN2kjz-PrXglbe1qe8YFd-F2pTyOjF7jIJ0C4rUUEurf7k1OJnrM5c5auxIAr_mRhvoDSFsciDvpzGgA8nsXA1C4AFnabRLY6BK65sjClSiCXRGvSi2H9mPoHN1k0pcrbdOnsFXlPmRza1YQbsdIAPxdcZQqUs5xNqKkAKgGnRAmVWUxyroQ7G4bGMrhilIzp_HPyuI5eE6L3ASE7WBhzyLkMCK2cmAKgZQweyPk_v7pJQIJbaJEFVI1hxCbf0VYKszH5JXS-0tRajr_ukA2vOHRnc_1frfIHIupESqBULlFwexWwycT9zAzG_P0QrCYH3LSHoVz0C0dh053DXVmyd6oh8hCTjr4LwceSK8BSaDh1u6C-5WZTkGrypoGBaMiEza4U__pYM1oNz9P9QrVqyor5a0bwCZ1ietwwcWpcZPKotm5lcXlkxeb00CUfyc

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| particlesPromise object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__ object| __cfBeacon function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission